It's been pretty well established in this space and others, that the right transportation management system (TMS) software solution can enhance freight operations from small businesses to the largest enterprises. But one sticking point aside from cost concerns that may be holding some companies back from implementing a TMS is a concern about cybersecurity. There's no doubt that cyber threats continue to abound, and the hazards of the online world may send some scurrying back to their paper operations. However, paper is just not practical in this day and age, and those still holding out on TMS implementation are missing out on a vast array of features to streamline their entire operation while still saving on costs. Back to the cybersecurity conversation, though. The best TMS providers recognize the importance of online safety and data protection and have systems in place to protect their customers. That's why the recommendation is to go cloud-based to take full advantage of the TMS provider's cybersecurity measures rather than using an on premises server setup. And by the way, a cloud-based TMS saves on cost, too, making implementation a viable financial proposition for businesses of any size.
How TMS providers ensure cybersecurity
What are some of the cybersecurity measures offered by the best cloud TMS providers? Let's take our partner MercuryGate for example:
Data protection: As in, backups of all data, documents and critical assets are completed on a defined schedule with copies replicated across a high-speed secure circuit to a dedicated disaster recovery data center. Backups are then stored on encrypted media with restricted access. Customer data is stored on servers that use leading technology and techniques to reduce points of failure and data loss.
Software updates: MercuryGate's software infrastructure is updated regularly with the latest security patches - something every user should be doing on their own network as well.
Application security: Secure code is developed and implemented across all MercuryGate IT systems and applications. Practices such as prepared statements, SQL injection and cross site scripting are followed to prevent even sophisticated attacks. Static scans of the code base and dynamic scans of the applications are conducted to identify any vulnerabilities. When vulnerabilities are discovered they are prioritized and remediated as part of patch releases and/or scheduled as part of future product releases.
Ongoing operational management: MercuryGate engineers always evaluate new security risks and implement updated countermeasures to prevent unauthorized access or unplanned downtime of systems and/or services. Systems are configured to provide only essential capabilities and specifically prohibit or restrict the use of functions, ports, protocols, and/or services that are not required for the business function of the information system. Servers are not allowed direct access to the internet and are deployed behind several boundary protection devices (firewall, IPS/IDS). An incident, detection and response system has been implemented to monitor MercuryGate’s environment to ensure proactive detection and response to threats, intrusions, and attacks 24/7/365.
Physical security and on-site protections: Unlike the majority of TMS providers, MercuryGate is both Service Organization Controls (SOC) 1 and SOC 2 compliant. In fact, MercuryGate reached the highest Service Organization Controls (SOC) designation with a Type 2 SOC 2 examination. All servers/systems are physically secured in Tier III certified data centers. The facilities are audited under SSAE 18 Type 2 SOC 2, PCI-DSS, GLBA and HIPAA standards annually and are ITAR and EU-US Privacy Shield registered.
As you can see, MercuryGate - along with many other of the top TMS providers recognize the need for security and make cybersecurity a priority, protecting their clients' and partners' valuable data. Threats are always out there, but implementing a cloud-based TMS means your freight and logistics operations get the provider's ongoing security as well. If you're ready to celebrate Cybersecurity Awareness Month with a new TMS, we at InTek can help. Just reach out with a few details about your needs, and we'll be happy to get back with you quickly to assist.
In the meantime, learn more about freight & logistics at our Learning Center. And here are a few example articles: