T&P Trucking, Ltd.

Cyber Security in Flatbed Trucking

Categories: News

In today’s world, we are more connected than ever before. From checking the weather in the morning to making a status update in the afternoon, the internet world constantly interacts with our daily routine. On top of that, it seems like almost every app is asking for either personal info in order to sign in or it’s asking for way too many permissions during install. The need to remain diligent in protecting our information has never been higher.

Some questions we need to ask are:

  • While protecting our own information is important, is there really a cyber security issue for trucking companies?
  • If we use good passwords and install a virus program, won’t that be good enough?
  • Would anyone really want to hack into an SMB company like T&P Trucking just to steal info about our LTL rates to Portland?

Let’s examine a few ways a flatbed trucking company can become not only cyber protected but also cyber smart.

An Attack is Coming


Back in May, we held a special C-TPAT training class for T&P Trucking employees. A portion of that training was heavily focused on cyber security. It was then that our general manager Sam explained the risks for an SMB trucking company like ours. One such risk is from hacking groups that want to exploit access into our systems for financial gain, to steal sensitive documents, or to harness the power of our servers or networks.

These groups are specifically targeting companies of our size not only because we have the resources they need, but because most won’t have the same protection as major corporations. It was made clear that it isn’t a matter of IF they will attack but WHEN they will attack.

This type of attack is most likely to come through an employees’ computer. This is not because an employee is secretly an evil genius hoping to destroy the business, but because each employee is constantly visiting web pages and receiving emails. All it takes is one misleading link that when clicked, carries the user to a malicious page. Without implementing rules similar to George Orwell’s 1984 totalitarian society, how can a flatbed trucking company possibly maintain the cyber security over every web page or email an employee might open?

The cyber security solution is an uncomplicated one and it can be applied to any type of business. The solution is the implementation of several procedures that each employee will need to abide by. Some of these simple procedures are:

  • Not sharing access of their computer with a stranger
  • Always logging off of a workstation when leaving it unattended
  • Change passwords every 90-180 days
  • Passwords should be a mix of letters, symbols, and numbers – at least 12 characters
  • Keep Anti-Virus definitions up-to-date and scan any computer downloads prior to use
  • Report any suspicious emails or attachments to management BEFORE opening them

If these measures are put in place, it will go a long way towards the protection of your computer systems. There is also another extremely important technique that many large professional businesses employ. We can look to the physical world to see as excellent example of successful security programs.

What Makes Security Successful?

The level of computer security needed can be easily illustrated by a casino. (But not because we take a gamble with security) The security in a casino is so renowned that even major banks turn to them for guidance.

In a casino, they obviously put extreme value on the millions of dollars in their possession. Now close your eyes and just imagine that multitude of cash securely resting in a locked box deep inside a casino. That box is located in a larger safe, with well-trained watchmen protecting the entrance. Beyond them is even more intimidating security guards, routinely strolling through the crowded casino floor keeping a watchful eye for any signs of security threats.

Apart from all of this are the stealthy eyes of the security cameras, which can total upwards of 2,000 units. All of which feature 128-bit encryption, which makes it especially difficult for any would-be thieves who desire to use these cameras to their advantage.

You have probably realized by now that it would take some serious ‘Oceans 11 type’ planning if you desperately wanted to steal that cash.

The underlining recipe to success of a casino’s security program is layers.

Layers Upon Layers

Layers are super important when it comes to stopping cyber hackers or terrorists. It is this concept that when applied to our security measures here at T&P Trucking, ensures that we will sleep soundly without agonizing about attacks. The following are the multitude of layers that we have researched. Each layer is something an SMB can do within an affordable budget.

Firewalls

This is the most basic player on your defense team. The firewall will be the first to identify a possible risk to your system. In most cases, these programs only manage a threat that has already landed on your computer, and sometimes it’s too late by then. However, you can program some firewall programs to restrict certain websites it identifies as possible risks, such as download sites or advertisement pages. This is also an important function towards emails as each employee receives dozens of emails every day, any of which could host malicious software. A proper firewall program will filter all of these emails first and identify any potential risks.

Passwords

We all know how a password works. If you have any type of work-related information on your device, then it needs protection. A good password not only prevents someone from physically accessing a device but can also stop outside attacks. However, just like any physical lock, it’s only useful if you actually lock it. Even if you leave your workstation or phone unattended for a short time, it is vital that it isn’t left vulnerable – lock it up. It is also highly recommended that you install dual authentication wherever possible. Most apps (google, ebay, amazon, paypal, etc.) that contain vital information have the option to set up dual authentication, where the app will send a unique code to your phone in order to complete the sign in process. This basically works on the principle of ‘know something’ (your password), ‘have something’ (6 digit code sent to your phone). It will require some extra time to log in, but the reward is knowing that you are completely secure.

HDD Encryption

HDD encryption is a technology that protects information by converting it into unreadable code that cannot be deciphered easily by unauthorized people. This may sound complicated, but it is a simple process that even the most technically challenged person can accomplish. Most computers have the option built right in to encrypt local storage or even portable storage devices like flash drives. Even if the computer, phone, or flash drive is stolen, the information stored within will still be inaccessible to the culprit.

Onsite Backups

No matter how secure or safe a computer system seems to be, there is always the risk of corrupting or wiping out valuable data. This is why so many businesses choose to use backups, which basically entails storing data on a periodic basis to a local device – nowadays it will most likely be an HDD or SSD. The biggest downside to this is should a water line burst or a fire happens, any local storage devices could be damaged or destroyed. Aside from this, they could also be stolen. The next layer provides the solution to this.

Offsite Backup

An offsite backup has a distinct advantage in that it is accessible from any location via internet or FTP. Also, any data can be shared to multiple remote locations. When offsite backups are routinely scheduled, a business can feel rest assured that even if their local data is compromised by a virus attack, the offsite data will remain intact. The data can then be used to restore the local systems to an earlier point before any attack. The one downside in offsite storage is it can sometimes be tricky to access the information. One example is when the offsite servers are down for preventative maintenance. Accessing the data during this point can be very limited or cut off altogether.

Remaining Diligent

If the talk of SSD, HDD, FTP, SAS or hexadecimal passwords gives you a headache, don’t fear that all hope is lost. There are countless IT consulting companies out there that offer a variety of services that will get you started. Aside from that, there is also the magnificent world of YouTube. You can easily find tons of basic walkthroughs that can help you to start a basic setup to protect your files.

As your company grows so will your information system. Don’t wait until it is on the verge of falling apart to take action, by then the cost of trying to rescue your data will far outweigh the cost of just upgrading your security to begin with. As mentioned at the onset, an attack is coming and it WILL happen to you. Never assume your stock firewall software will protect you once a virus lands on your computer.

Like a casino, if the security guards (firewalls) identify a threat (virus, malware, etc.) even before they enter the building (computer), then there is no chance of the valuables inside becoming compromised.

References

DHS.gov
Fleetowner.com

Contributors

Rob Morris

2 thoughts on “Cyber Security in Flatbed Trucking”

  1. Saul Maddison says:

    I got this web site from my buddy who told me all about it. So far I have found this web page to have very informative posts. I look forward to reading more.

    1. Rob Morris says:

      Thanks for taking the time to check out our website Saul. You are invited to subscribe to our blogs so that you don’t miss out on any new updates.

Comments are closed.