91427646 | Robert Crum | Dreamstime.com
671a4c6b2d447c1aeb5a0cd5 Dreamstime L 91427646

Clark: Seven ways to increase your organization's security

Oct. 28, 2024
In today’s rapidly evolving business landscape, security is more than just a safeguard. It’s a critical function that supports the success and longevity of the business.

Today, every fleet, just like every business, must address security threats, which seem to keep growing at a seemingly exponential rate. Increasingly, security plays a pivotal role, serving as the foundation for safeguarding assets, ensuring compliance, and protecting customers and shareholders.

As businesses evolve, so does the role of security. A company's success can be greatly influenced by a mature security program that builds customer trust, ensures regulatory compliance, and mitigates risks. That’s why implementing best practices for building and maintaining an effective security framework is essential.

At a recent NationaLease meeting, Derek Saunders, AVP of security at Geotab, a leader in connected transportation solutions, addressed this issue and discussed steps businesses can take to protect their assets, customers, vendors, and reputation.

Saunders noted that many businesses do not have the necessary talent to provide real security on their own. That’s when companies should turn to third-party security experts to help mitigate any security threats that may arise.

Security best practices for your business

1. Engage security early in business decisions

Involve the security team early in business decisions and application development. Waiting until the last minute to integrate security into projects can lead to vulnerabilities and costly retrofits. Companies can create more secure solutions from the ground up by embedding security into the initial stages of product development, infrastructure planning, and business strategies. Involving security professionals early also ensures that business decisions align with the organization’s risk appetite and contractual obligations.

2. Implement security in depth

The concept of "security in depth" refers to the use of multiple layers of defense to protect an organization from potential threats. It acknowledges that no single security measure can safeguard all systems or data. A well-rounded security approach should include a variety of techniques, such as firewalls, intrusion detection systems, encryption, access control, and employee training. By creating layers of defense, a breach in one area is less likely to lead to complete exposure or compromise. Whether your business is small or large, implementing security in depth is essential for preventing unauthorized access and ensuring data integrity.

3. Adopt and align with industry standards

Every business operates within a unique regulatory and industry-specific framework. It’s important to identify a security standard that your customers acknowledge and require and base your security controls upon that standard. Aligning with a recognized security standard makes it easier to eventually move toward formal certification, which not only provides external validation of your security practices but also builds trust with customers and stakeholders.

See also: Safety, security systems make this fleet safer

4. Build a dynamic and balanced security team

A strong security team is composed of diverse skills, from technical expertise to people management to business knowledge. A well-rounded team is crucial for managing cybersecurity's complex and evolving challenges. A balanced team might include experts in areas such as compliance, incident response, threat analysis, and business continuity. People management skills are equally important in fostering a security-conscious culture within the organization, as are communication skills to explain security risks to executives by illustrating how security policies align with overall business objectives.

5. Risk management: identification, mitigation, and escalation

The primary role of security is to identify, mitigate, and escalate risks. However, third-party security professionals are not responsible for assuming those risks. That responsibility lies with executive management, who must make informed decisions about which risks to accept and which to avoid. Security teams provide the necessary information and insights to help executives make these decisions.

6. Handle ‘red tape’ issues

In some cases, businesses may require additional layers of security or regulatory compliance, often referred to as ‘red tape.’ Saunders notes that security teams should not hesitate to offer these services when needed. However, security should also strive to provide paths of least resistance for businesses that don’t require such stringent measures. Offering a flexible approach ensures that security is seen as a business enabler, not an obstacle.

7. Maintain data flow diagrams

Data flow diagrams are essential tools for understanding how information moves within a system. They help identify potential vulnerabilities and ensure that all data is adequately protected throughout its life cycle. Regularly updating and maintaining these diagrams ensures that security teams have a clear picture of data pathways, enabling them to spot any weak points or areas that need additional security measures.

A critical function for business

Saunders emphasized that security is more than just a safeguard in today’s rapidly evolving business landscape. It’s a critical function that supports the success and longevity of the business. Engaging security early is a key step. Ultimately, prioritizing security fosters trust, protects assets, and positions businesses to thrive in an increasingly digital world.

About the Author

Jane Clark | Senior VP of Operations

Jane Clark is the senior vice president of operations for NationaLease. Prior to joining NationaLease, Jane served as the area vice president for Randstad, one of the nation’s largest recruitment agencies, and before that, she served in management posts with QPS Companies, Pro Staff, and Manpower, Inc.

Voice your opinion!

To join the conversation, and become an exclusive member of FleetOwner, create an account today!

Sponsored Recommendations

Improve Safety and Reduce Risk with Data from Route Scores

Route Scores help fleets navigate the risk factors they encounter in the lanes they travel, helping to keep costs down.

Celebrating Your Drivers Can Prove to be Rewarding For Your Business

Learn how to jumpstart your driver retention efforts by celebrating your drivers with a thoughtful, uniform-led benefits program by Red Kap®. Uniforms that offer greater comfort...

Guide To Boosting Technician Efficiency

Learn about the bottom line and team building benefits of increasing the efficiency of your technicians in your repair shop.

The Ultimate Trailer Tracking Technology Checklist for Enterprise Fleets

We understand the challenges you face in consolidating inventory, reducing theft, and tracking revenue. That’s why we’ve created the ultimate checklist to help you evaluate your...