Check out our blog for news, information, and helpful content on fleet management software and solutions, and fleet tracking systems, all available with a few clicks.

Cybersecurity – Questions to Ask Your Telematics Provider

SECURITY IS A COMPLEX TOPIC THAT DEALS WITH EVERY PART OF A TELEMATICS SYSTEM. Simply asking “is our data secure?” isn’t enough. With valuable data on the line, your questions should aim deeper. Look for specific implementations and strategies that form the very basis of modern security standards. The following questions are intended to serve […]
About the Author
Ann Dhaliwal

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Donec nibh dui, blandit id tristique quis, pulvinar vitae dui. Nam erat nibh, euismod sit amet tellus sed, suscipit faucibus felis. Nulla ut pretium lacus. Sed facilisis nisi eu nibh pulvinar facilisis vitae eget nibh.

SECURITY IS A COMPLEX TOPIC THAT DEALS WITH EVERY PART OF A TELEMATICS SYSTEM.

Simply asking “is our data secure?” isn’t enough. With valuable data on the line, your questions should aim deeper. Look for specific implementations and strategies that form the very basis of modern security standards. The following questions are intended to serve as a primer to help you engage telematics providers about the security of your telematics data.

1. WHO MANUFACTURERS THE TELEMATICS HARDWARE? WILL THE DEVICE BE THE SAME ACROSS MY ENTIRE FLEET?

Why It Is Important To Ask: If your telematics provider does not manufacture their own hardware, they may not have good insight into the security of the hardware. Similarly, if your provider does not have direct control over their hardware and software security, they may take longer to respond to threats or vulnerabilities because they will need to coordinate with third parties. Moreover, electronics are updated frequently. Different hardware models can introduce different sets of vulnerabilities for each model, meaning that more work will need to be done to patch these security holes across the entire product line. With more hardware variants, there is a higher demand for the engineers to maintain and fix security flaws — in this way resources may not be evenly spread and attention might waver because of product complexity, which can lead to omissions and unfound vulnerabilities.

Manufacturers must be the ones responsible for security for the life of the product.

2. DO YOU ENCRYPT THE DATA AS IT IS SENT OVER THE CELLULAR NETWORK?

Why It Is Important To Ask: Cellular carriers should not be exclusively relied upon to secure the delivery of your telematics data over the air. It is important that your telematics providers take additional steps to encrypt your data so that even if the cellular communication channel is compromised, your data will not be.

3. IS THE FIRMWARE SIGNED TO PREVENT OUTSIDE PARTIES FROM CHANGING THE CODE ON THE DEVICE?

Why It Is Important To Ask: The firmware is the brain behind the device — it decides where the data is sent, what data is captured, and how it is stored. If a malicious firmware were installed on your device, it would no longer be possible to know where your data is being sent or what is happening to it. Your telematics provider should sign every firmware update with a digital signature that indicates the update came from a trusted source.

4. DO YOU HAVE SECURITY DOCUMENTATION THAT COVERS YOUR HARDWARE, YOUR SERVERS, THE TRANSMISSION OF DATA, AS WELL AS POLICIES FOR EMPLOYEES?

Why It Is Important To Ask: Security documentation shows a baseline commitment to a culture of security. A telematics provider should be able to provide details on their security measures, as well as their mitigation and disaster recovery strategies in case something unexpected occurs. A security process outline document — like Geotab’s Technical and Organizational Data Security Measures Statement — goes a long way towards helping you understand what happens to your data.

5. IN THE EVENT THAT YOUR SERVERS ARE COMPROMISED, WHAT SORT OF MITIGATION STRATEGY DO YOU USE TO PROTECT THE ACCOUNT INFORMATION OF YOUR USERS?

Why It Is Important To Ask: If a security breach does occur, the system should contain as little personal information as possible. Passwords should never be stored directly in the system of your telematics provider; rather, passwords should be transformed into hashes and further strengthened through salting.

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Articles

Mobile Lone Worker Safety Monitoring By Grace
High Performance Wireless Personal Alert Safety System capable of send panic alarms with the worker’s GPS position up to 1 mile from the worker to the vehicle. Use to satisfy your responsibility in compliance with Lone Worker regulation.
CONTINUE READING
Reduce Your Idle Time
Fleet idling can be a big drain on your profits. And it has an incremental environmental impact as well. Idling wastes fuel and increase vehicle maintenance costs. Idling is also a bit misunderstood – We tend to over-idle even when most diesel engine manufacturers recommend maximum of three minutes of idling for warm up. Idling longer […]
CONTINUE READING
TMW Truckmate Integration By Zenduit
TruckMate is widely used for Full Accounting, Integrated Dispatch and Operations Software for mid-large LTL, Intermodal & Truckload carriers. Combine it with MyGeotab and Geotab Drive to update work orders and work order status directly from their Geotab Drive Compliance App.
CONTINUE READING

CONTACT US

405 Laird Road Guelph, ON N1G4P7

GET STARTED TODAY

See how Connected Vehicles can optimize your business.

STAY CONNECTED

Sign up to our newsletter to keep informed with the latest on the connected fleet and asset management platform.
By submitting this form, you are consenting to receive null from: Altruck, 48 Ardelt Ave, Kitchener, ON, Ontario, N2C2C9, CA, http://www.ALTRUCK.com. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email.
crosschevron-down