If you understand the security risks that come with connected fleet vehicles, it’s now important to reduce the risks to protect your business. The biggest principle to keep in mind is that security should never be static. You must constantly be adapting to new risks.
When it comes to mitigating risk and developing more secure processes, consider adopting the following procedures:
Control physical access to vehicles
Your vehicles hold valuable company data that can wreak havoc when in the wrong hands. It’s important to maintain control over who has access to your vehicles including proximity to the vehicles when unattended.
Consistently update software
It’s tempting to put off or avoid software updates, but it’s important to keep up with them when it comes to maintaining security.
Often times, these updates correct for discovered security holes in the device or software. Devices that are not updated leave the fleet more vulnerable to attack.
Train employees
When it comes to security, creating safer, more cautionary procedures are only half the battle.
Once you have established procedures to ensure greater security, you should provide periodic trainings for employees to make sure they know what is expected of them.
Offer additional trainings to educate employees on other precautionary tasks they should take such as not downloading software from unverified third parties or clicking on email links from an unknown source.
Pre-purchase research
When considering a new device purchase, security is typically not at the forefront of our minds. Instead, it’s assumed that the company is already taking all the necessary precautions to protect its products. But this is not always true.
In fact, when it comes to electronic logging devices (ELDs), experts are concerned about the potential for data breaches. There are no FMCSA regulations concerning the cybersecurity of these devices at the moment.
Fleet managers are purchasing ELDs to meet the mandate deadline without considering the possibility of opening up their fleet vehicles and company to attack.
It’s best to make no assumptions about the cybersecurity of a device before purchasing. Investigate the device and the company’s commitment to security first.
Keep a cautious mindset
It’s risky to assume your company or fleet is not a target for a security threat.
Any company should develop procedures based on the belief it is a target and that attackers have access to valuable information such as internal systems or code of devices.
As you add technological complexity to your fleet vehicles, especially with the rise of connected vehicles, understand that you are increasing the risk of a security breach.
There are countless methods through which attackers can gain access to your vehicle systems and thus your business systems.
When it comes to security, it’s best to be proactive, not reactive.
This article was originally published in ThreatAdvice Cybersecurity Journal.
