As Transportation Insight representatives talk with shippers across the country, we see some common threads in the questions they ask. They're interested in our plans for disaster recovery, business continuity, data security, and how we're prepared to handle threats and mitigate any potential problems.
These threats come from all corners of the globe, making it difficult to prepare for every potential attacks. While a 3PL can't prepare for every specific attack, there must be a strategy in place. Infrastructure, as well as operating and risk management framework are required to guide the response.
Surviving COVID-19 is the top priority for businesses, but data breach response plans remain essential. It's your responsibility to anticipate issues and understand how your company's operations and customers could be impacted.
Everyone in business today understands a company may face an attack. As is the case with any service issue, the culture of a company is revealed in how it responds to those challenges.
If you're looking for a 3PL partner, make sure these questions are part of your discussions or RFPs. You'll be glad you know the answers before you have to put the plan into action.
Here's a brief look at how Transportation Insight answers some of these important questions.
1. Describe your business continuity/disaster recovery plan
We maintain a proactive network security policy, including an in-depth defense strategy to monitor/mitigate risk and intrusion. We use redundant data centers for an active/active business continuity and data recovery strategy. Each center has back-up power supplies and multiple ISPs connected via 100 percent fiber-optic networks. Sub-hourly, daily and weekly backups protect against data loss. Our system supports SLAs with a 99.9 percent uptime for our Transportation Management System and overall network availability.
2. Do you encrypt data at rest?
Our data is encrypted at rest to protect proprietary information and prevent unauthorized access if it becomes compromised. This level of defense thwarts attempts to steal sensitive customer information by raising the level of difficulty for attackers.
3. How do you monitor for unusual activity and respond to any threats?
Examples of some of the actions we take: We monitor for unusual IP traffic, unusual volumes and account lockouts, among other factors. If we spot unusual IP traffic, particularly from overseas locations, we may block ranges and/or contact users associated with accounts that are deviating from activity thresholds. We will send appropriate communication and resolution plans, bringing in IT stakeholders as needed to provide full support.
4. Will you share your SOC report?
Like many 3PLs, Transportation Insight conducts an annual SOC 1 Type II Audit, which is a proprietary report resulting from a third-party examination of our internal controls, including data security. The report is not distributed in electronic format or hard copy. However, read-only access may be provided upon request in accordance with our guidelines.
5. Are you insured for data breaches and cyber liability?
Ask about cyber liability coverage, because general liability coverage isn't adequate in the case of breach of sensitive customer information. Look for additional coverage that is specific to cyber coverage for losses due to a data breach or loss of services.
Are you Data Ready for Disruption?
Every business will face challenges. Your supply chain’s ability to withstand those challenges depends on developing a business continuity mindset. A trusted partner not only protects against cyber attacks continually, but is prepared to mitigate and manage such an event. Transportation Insight operates with a proactive defense strategy as well as an active offensive plan to ensure your supply chain operates uninterrupted by cyber security issues.
That proactive defense is one element in a level of data readiness required to support your organization’s COVID-19 recovery. Join our upcoming webinar, “Are you Data Ready for Disruption?” for more strategies for managing and securing data to protect business continuity.
To read about best practices in identifying and preparing for threats to business continuity, download our new guide, Business Continuity for Your Supply Chain.