Check out our blog for news, information, and helpful content on fleet management software and solutions, and fleet tracking systems, all available with a few clicks.

Cybersecurity – Questions to Ask Your Telematics Provider

SECURITY IS A COMPLEX TOPIC THAT DEALS WITH EVERY PART OF A TELEMATICS SYSTEM. Simply asking “is our data secure?” isn’t enough. With valuable data on the line, your questions should aim deeper. Look for specific implementations and strategies that form the very basis of modern security standards. The following questions are intended to serve […]
About the Author
Ann Dhaliwal

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Donec nibh dui, blandit id tristique quis, pulvinar vitae dui. Nam erat nibh, euismod sit amet tellus sed, suscipit faucibus felis. Nulla ut pretium lacus. Sed facilisis nisi eu nibh pulvinar facilisis vitae eget nibh.

SECURITY IS A COMPLEX TOPIC THAT DEALS WITH EVERY PART OF A TELEMATICS SYSTEM.

Simply asking “is our data secure?” isn’t enough. With valuable data on the line, your questions should aim deeper. Look for specific implementations and strategies that form the very basis of modern security standards. The following questions are intended to serve as a primer to help you engage telematics providers about the security of your telematics data.

1. WHO MANUFACTURERS THE TELEMATICS HARDWARE? WILL THE DEVICE BE THE SAME ACROSS MY ENTIRE FLEET?

Why It Is Important To Ask: If your telematics provider does not manufacture their own hardware, they may not have good insight into the security of the hardware. Similarly, if your provider does not have direct control over their hardware and software security, they may take longer to respond to threats or vulnerabilities because they will need to coordinate with third parties. Moreover, electronics are updated frequently. Different hardware models can introduce different sets of vulnerabilities for each model, meaning that more work will need to be done to patch these security holes across the entire product line. With more hardware variants, there is a higher demand for the engineers to maintain and fix security flaws — in this way resources may not be evenly spread and attention might waver because of product complexity, which can lead to omissions and unfound vulnerabilities.

Manufacturers must be the ones responsible for security for the life of the product.

2. DO YOU ENCRYPT THE DATA AS IT IS SENT OVER THE CELLULAR NETWORK?

Why It Is Important To Ask: Cellular carriers should not be exclusively relied upon to secure the delivery of your telematics data over the air. It is important that your telematics providers take additional steps to encrypt your data so that even if the cellular communication channel is compromised, your data will not be.

3. IS THE FIRMWARE SIGNED TO PREVENT OUTSIDE PARTIES FROM CHANGING THE CODE ON THE DEVICE?

Why It Is Important To Ask: The firmware is the brain behind the device — it decides where the data is sent, what data is captured, and how it is stored. If a malicious firmware were installed on your device, it would no longer be possible to know where your data is being sent or what is happening to it. Your telematics provider should sign every firmware update with a digital signature that indicates the update came from a trusted source.

4. DO YOU HAVE SECURITY DOCUMENTATION THAT COVERS YOUR HARDWARE, YOUR SERVERS, THE TRANSMISSION OF DATA, AS WELL AS POLICIES FOR EMPLOYEES?

Why It Is Important To Ask: Security documentation shows a baseline commitment to a culture of security. A telematics provider should be able to provide details on their security measures, as well as their mitigation and disaster recovery strategies in case something unexpected occurs. A security process outline document — like Geotab’s Technical and Organizational Data Security Measures Statement — goes a long way towards helping you understand what happens to your data.

5. IN THE EVENT THAT YOUR SERVERS ARE COMPROMISED, WHAT SORT OF MITIGATION STRATEGY DO YOU USE TO PROTECT THE ACCOUNT INFORMATION OF YOUR USERS?

Why It Is Important To Ask: If a security breach does occur, the system should contain as little personal information as possible. Passwords should never be stored directly in the system of your telematics provider; rather, passwords should be transformed into hashes and further strengthened through salting.

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Articles

fleet preventative maintenance
Extending the Life of Your Fleet Vehicles with Preventative Maintenance Data
Fleet vehicles are the backbone of many businesses, supporting essential operations and contributing to their success. To maximize the return on investment and keep your fleet running smoothly, adopting telematics into your preventative maintenance program is crucial. Especially now as there are parts and vehicles shortages, you need to keep your fleet vehicles on the […]
CONTINUE READING
Forklift Safety
Enhancing Forklift Safety through Telematics: Revolutionizing Warehouse Operations
In the world of logistics and warehousing, forklifts play a crucial role in material handling. However, their utility also comes with risks, as forklift accidents can lead to serious injuries and even fatalities. To address these concerns, the advent of telematics technology has contributed to a transformative shift in forklift safety. By harnessing the power […]
CONTINUE READING
Fleet Safety Programs for Operation Safe Driver Week
Commercial Vehicle Safety Alliance (CVSA) Save Driver week takes place annually across North America July 10-16. It’s a safe driving awareness and outreach initiative aimed at improving the driving behaviours of passenger vehicle drivers and commercial motor vehicle drivers through educational and traffic enforcement. During the week, law enforcement officers will be looking for drivers who show […]
CONTINUE READING

CONTACT US

405 Laird Road Guelph, ON N1G4P7

GET STARTED TODAY

See how Connected Vehicles can optimize your business.

STAY CONNECTED

Sign up to our newsletter to keep informed with the latest on the connected fleet and asset management platform.
By submitting this form, you are consenting to receive null from: Altruck, 48 Ardelt Ave, Kitchener, ON, Ontario, N2C2C9, CA, http://www.ALTRUCK.com. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email.
crosschevron-down