Getting Prepared for Rising Cyberthreats
Ransomware Attack Costs Maersk an Estimated $300 Million
Safeguarding Against Cyberthreats
Logistics Security Begins With A Secure TMS
- The vendor should use security best practices and undergo regular audits to assess vulnerabilities.
- Vendor operations should conform to Information Security Management Systems ISO 27001:2013.
- Automated security-testing to mimic real-world hacking techniques and attacks, to assess security vulnerabilities.
- Virus scans are run every 15 minutes on the vendors network, and Bit9 is employed for endpoint protection in the SaaS environment.
- 2048-bit SHA-256 SSL certificates are used to secure interaction between customer endpoints and the TMS software.
- Data in transit is secured using the following protocols: HTTPS, FTP, FTPS, SFTP, MQ/SSL, AS2, PGP, VPN.
- Software developers pay specific attention to the Open Web Application Security Project (OWASP) Top 10 Most Critical Web Application Security Risks.
- Overall application security is based on organization hierarchy modeling and user roles with permissibility and data restrictions depending on roles.
- All supply chain partners/users are only able to view information that the customer permits.
- Within the application, hierarchies are secured from the top level down; authority to functions require specifically granted personal or role authorities.
- The data centers for the software should be SSAE 16 SOC 2 Type II certified and provide near-100-pecent uptime.