Check out our blog for news, information, and helpful content on fleet management software and solutions, and fleet tracking systems, all available with a few clicks.

Cybersecurity – Questions to Ask Your Telematics Provider

SECURITY IS A COMPLEX TOPIC THAT DEALS WITH EVERY PART OF A TELEMATICS SYSTEM. Simply asking “is our data secure?” isn’t enough. With valuable data on the line, your questions should aim deeper. Look for specific implementations and strategies that form the very basis of modern security standards. The following questions are intended to serve […]
About the Author
Ann Dhaliwal

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Donec nibh dui, blandit id tristique quis, pulvinar vitae dui. Nam erat nibh, euismod sit amet tellus sed, suscipit faucibus felis. Nulla ut pretium lacus. Sed facilisis nisi eu nibh pulvinar facilisis vitae eget nibh.

SECURITY IS A COMPLEX TOPIC THAT DEALS WITH EVERY PART OF A TELEMATICS SYSTEM.

Simply asking “is our data secure?” isn’t enough. With valuable data on the line, your questions should aim deeper. Look for specific implementations and strategies that form the very basis of modern security standards. The following questions are intended to serve as a primer to help you engage telematics providers about the security of your telematics data.

1. WHO MANUFACTURERS THE TELEMATICS HARDWARE? WILL THE DEVICE BE THE SAME ACROSS MY ENTIRE FLEET?

Why It Is Important To Ask: If your telematics provider does not manufacture their own hardware, they may not have good insight into the security of the hardware. Similarly, if your provider does not have direct control over their hardware and software security, they may take longer to respond to threats or vulnerabilities because they will need to coordinate with third parties. Moreover, electronics are updated frequently. Different hardware models can introduce different sets of vulnerabilities for each model, meaning that more work will need to be done to patch these security holes across the entire product line. With more hardware variants, there is a higher demand for the engineers to maintain and fix security flaws — in this way resources may not be evenly spread and attention might waver because of product complexity, which can lead to omissions and unfound vulnerabilities.

Manufacturers must be the ones responsible for security for the life of the product.

2. DO YOU ENCRYPT THE DATA AS IT IS SENT OVER THE CELLULAR NETWORK?

Why It Is Important To Ask: Cellular carriers should not be exclusively relied upon to secure the delivery of your telematics data over the air. It is important that your telematics providers take additional steps to encrypt your data so that even if the cellular communication channel is compromised, your data will not be.

3. IS THE FIRMWARE SIGNED TO PREVENT OUTSIDE PARTIES FROM CHANGING THE CODE ON THE DEVICE?

Why It Is Important To Ask: The firmware is the brain behind the device — it decides where the data is sent, what data is captured, and how it is stored. If a malicious firmware were installed on your device, it would no longer be possible to know where your data is being sent or what is happening to it. Your telematics provider should sign every firmware update with a digital signature that indicates the update came from a trusted source.

4. DO YOU HAVE SECURITY DOCUMENTATION THAT COVERS YOUR HARDWARE, YOUR SERVERS, THE TRANSMISSION OF DATA, AS WELL AS POLICIES FOR EMPLOYEES?

Why It Is Important To Ask: Security documentation shows a baseline commitment to a culture of security. A telematics provider should be able to provide details on their security measures, as well as their mitigation and disaster recovery strategies in case something unexpected occurs. A security process outline document — like Geotab’s Technical and Organizational Data Security Measures Statement — goes a long way towards helping you understand what happens to your data.

5. IN THE EVENT THAT YOUR SERVERS ARE COMPROMISED, WHAT SORT OF MITIGATION STRATEGY DO YOU USE TO PROTECT THE ACCOUNT INFORMATION OF YOUR USERS?

Why It Is Important To Ask: If a security breach does occur, the system should contain as little personal information as possible. Passwords should never be stored directly in the system of your telematics provider; rather, passwords should be transformed into hashes and further strengthened through salting.

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Articles

Why You Need Telematics For Accident Reconstruction
When it comes to fleet safety, accident reconstruction has evolved to provide drivers and fleet owners with the details to understand the events that surround a collision. Accident reconstruction is important for insurance, training and can be used in litigation.  That's because there is important scientific information that can be collected before, during, and after […]
CONTINUE READING
How Asset Trackers Reduce Risk and Increase Asset Utilization
Key Takeaways Asset trackers play a pivotal role in mitigating the $15-$30 billion annual loss due to cargo theft in the U.S. They secure all stages of the supply chain, minimizing disruptions to operations and customer satisfaction. Asset trackers aid in theft prevention, high-risk area identification, fraudulent claim prevention, quality protection, asset sharing tracking, asset […]
CONTINUE READING
The Role Of Telematics In Fleet Productivity Management
Great strides have been made when it comes to telematics technology, which has resulted in bigger potential impacts and advantages for fleet management. Telematics can help greatly with your fleet performance efforts, driving fleet productivity forward. What Is A Telematics System? Telematics is a combination of different technologies, sciences, and methodologies, including vehicle and mechanical […]
CONTINUE READING

CONTACT US

405 Laird Road Guelph, ON N1G4P7

GET STARTED TODAY

See how Connected Vehicles can optimize your business.

STAY CONNECTED

Sign up to our newsletter to keep informed with the latest on the connected fleet and asset management platform.
By submitting this form, you are consenting to receive null from: Altruck, 48 Ardelt Ave, Kitchener, ON, Ontario, N2C2C9, CA, http://www.ALTRUCK.com. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email.
crosschevron-down