How to Balance Data Security with Opportunity

by   |   July 14, 2016 5:30 am   |   0 Comments

Neil Cawse, CEO, Geotab

Neil Cawse, CEO, Geotab

Imagine more than 264,000 commercial truck drivers sitting around doing absolutely nothing for an entire year – and getting paid for it. You don’t have to. That’s the effect traffic jams have on the trucking industry’s productivity, and it cost nearly $50 billion in 2014 alone, the American Transportation Research Institute says.

The effects don’t stop there, either. Those costs are passed on to customers in the form of higher shipping rates. There’s also an environmental impact because every truck stuck in traffic is idling.

The good news is that there is no shortage of tools that enable trucking companies – and other fleet owners – to choose the least congested routes. The bad news is that they could lose access to those tools as a byproduct of proposed laws aimed at addressing the security and privacy of vehicular data.

An Open Port Enables Innovation and Choice

Security/privacy discussions usually focus on the On-Board Diagnostics (OBD) port, which is built into every U.S. vehicle manufactured since 1996. It provides vehicle owners with a wealth of diagnostic and operational information that can be used to identify problems before they cause damage to the vehicle, the driver, and the environment.

For example, the OBD port can relay information about the amount of time a vehicle spends driving slower than the speed limit, which is a sure sign of traffic jams. Fleet owners can use those insights to develop alternative routes that maximize productivity, save fuel, reduce emissions, and speed deliveries.

Related Stories

5 Steps for Creating a Scalable Data Security Plan.
Read the story »

Build Customer Trust on a Foundation of Data Security.
Read the story »

True Data Security Starts with User Access Control.
Read the story »

Data Security for a Growing IoT Market.
Read the story »

But Congress and other regulators are concerned that the OBD port also enables security breaches. In one well-known example, hackers used a cellular connection to access the OBD port on a Jeep so they could disable the brakes. That and other headline-grabbing hacks recently prompted a House subcommittee to explore how industry and regulators can mitigate vehicular cybersecurity threats.

Such concerns are understandable and justified. Unfortunately, they sometimes result in bills such as the SPY Car Act of 2015, which would have severely limited who can access OBD-enabled information such as location and speed unless the owner has given consent. The risk with such blanket restrictions is that they eliminate many of the OBD port’s benefits for fleet operators and other vehicle owners, including consumers.

“Right-to-repair” legislation, for example, ensures that the OBD-enabled diagnostic data that’s always been available to manufacturer dealerships is also accessible by independent repair shops. Opponents argued that keeping the OBD port open would enable hackers to access information such as smart-key codes and engine-immobilizer capabilities. Lawmakers believed that these concerns were outweighed by the ability to give owners more options for servicing their vehicles, as well as the information they need to service vehicles themselves.

Governments have a vested interest in ensuring that the OBD port remains open to more than just vehicle manufacturers – and not just because states and federal agencies are fleet owners themselves. For example, anonymized, aggregated big data about locations where hard braking occurs helps them identify where roads need to be expanded or redesigned to minimize accidents. Big data also is another tool for verifying manufacturer claims about fuel economy, reliability, and safety – insights that they can share with fleet owners and consumers.

Pursue Sensible, Effective Security

Collecting vehicular data on an anonymous, aggregated basis is key for protecting the security and privacy of owners and drivers, who also should have the ability to opt out of participating. These are two examples of the kind of practical, effective safeguards that lawmakers should consider when looking for ways to minimize the impact of data breaches.

Lawmakers also should continue to resist lobbying to restrict access to the OBD port. This approach is known as “security by obscurity,” and it hasn’t worked in other industries, such as telecom and IT, because hackers inevitably find ways to exploit limited-access systems. That’s why the National Institute of Standards and Technology warns, “System security should not depend on the secrecy of the implementation or its components.”

Open-source IT is an example of how openness maximizes security. Vulnerabilities can be spotted and fixed faster when many companies are looking for them. In fact, many enterprises prefer open-source software because they don’t have to rely on a single vendor to identify and address emerging threats.

Security concerns are understandable and should be taken seriously. But maximizing security doesn’t have to come at the expense of choice, innovation, and opportunity.

Neil Cawse is CEO of Geotab. Neil is an accomplished business leader, entrepreneur, and engineer who has been founding and running his own businesses since 1992. In 1998, Neil sold his software development company with over 100 engineers to Datatec. In 2000, Neil founded Geotab Inc., which is now the largest telematics company in the world, as measured by new vehicle subscriptions on a yearly basis. Geotab has been voted one of the 50 fastest-growing tech companies in Canada and has been ranked in the top 200 in North America for the last four years. Neil is an engineer at heart, and this passion keeps him involved in the day-to-day engineering and design of Geotab’s systems. Neil believes that Geotab’s success stems from the company’s integrity, its forward-thinking ideals and, foremost, the customer receiving the right solution.

Subscribe to Data Informed for the latest information and news on big data and analytics for the enterprise, plus get instant access to more than 20 eBooks.

Improving access to data across your company/partner ecosystem

Tags: , , , , ,

Post a Comment

Your email is never published nor shared. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>