The Rise of Connected Devices Creates New Challenges for Data Security

The waste and recycling industry best practices for data security include having telematics data transferred directly to proprietary servers and accessed through online portals.

Now that the waste and recycling industry is knee-deep in the adoption of new technologies, especially ones that collect and analyze various types of data, a new concern has emerged: How do you keep all that data secure?

Although there is no “one size fits all” set of protocols when it comes to keeping proprietary and confidential information protected, industry officials say the waste and recycling industry is being proactive and taking seriously its responsibility to protect all forms of data.

“Data security is important in the waste and recycling industry,” says David Biderman, executive director and CEO of Solid Waste Association of North America (SWANA) based in Silver Spring, Md. “Whether it’s medical information about an employee, CBI about operations, or a customer’s credit card information, companies and local governments comply with all applicable laws to ensure that the data in their possession is protected from disclosure.”

The waste and recycling industry best practices for data security regarding anything related to the Internet of Things (IOT) include having telematics data transferred directly to proprietary servers and accessed through online portals. Encryption can take place along any or all paths of the data—between vehicle and cloud server or between the cloud server and portal. Additionally, a portal to access the data will almost always have password/login credentials required for access.

For Martin Demers, vice president of FleetMind Solutions Inc. based in Montreal, Quebec Canada, data and network security is paramount in all of the projects the company works on.

“It is especially important when deploying in the cloud and even more when working with cities and government agencies,” he says. “In some instances, customers host our applications within their own infrastructure and control access to data. In this case, the focus is put on securing communications between the mobile platforms deployed in the vehicles and the back office servers as well as controlling access to the in-cab device.”

FleetMind delivers a “smart truck” solution—onboard computing (OBC) solutions that capture and store electronic control module (ECM) and other vehicular data. Security features for FleetMind include secure data communications, the use of private cellular networks, as well as login security with Active Directory integration and the use of MobiControl or similar tools for remote access.

Demers says that dealing with municipal contracts, depending on the state or province, additional data security rules dictate where and how information can be stored.

“In some cases, when deploying systems in the cloud, cities or state regulations can dictate that data cannot be stored on servers that are out of state/province or out of country,” he says.

FleetMind deploys its “smart truck” fleet management solutions using Microsoft Azure or Azure Government, which allows the company to specify which regions data will be stored to address these types of requirements. Azure government also adds some security layers that can help address specific security requirements of government agencies.

But, Biderman says that a large amount of the data being collected by waste collection vehicles and at disposal facilities relates primarily to the weight of the material and does not raise the types of privacy concerns associated with the type of personal information collected by retailers, credit agencies, and others. 

“All the mainstream programs now have built in encryption for credit card data. I know that the info is not even stored locally anymore with our program because of the risks,” he says. “From the customer side, what else in the waste industry is really private or desirable to hack? Is there really a clamor to see how much waste a business is generating?

“Most of the other information—name, address, and phone number—is public for the commercial sector. I would think this is one, and maybe the only, area where our business is easier than most. With the rest of the data mentioned … our burden is the same as all other businesses.”

According to Demers, security is not the only concern when collecting data for the industry, but privacy also is of concern.

“As more and more data is collected in real-time including pictures, videos, driving habits, vehicle speed, vehicle position, etc., those who are doing what they need to do the way they need to do it are not concerned but for others, there is no place to hide anymore,” he says.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.