How Trimble Uses Microsoft Azure to Protect Transport and Logistics Operations

Advanced technology and digital solutions have greatly increased transportation industry utilization, productivity and efficiency on a large and expanding scale. But wireless tools that run on data and complex networks also face significant cybersecurity threats. In this new entry in our “Full Circle of Safety” series, we speak with Microsoft experts about the state of transportation cybersecurity and look at how Trimble uses Microsoft Azure to enhance the cybersecurity of our Cloud-based software as a service (SaaS) transportation solutions.

The Cybersecurity Risks to Transportation

Picture a building with many doors and windows. At any point in time, some are open, some are closed. Now imagine that each of those doors and windows is one of the growing number of interconnected devices and systems on which trucking, transportation and logistics operations—and their vehicles and drivers—all depend.

And as we’ve seen in the past year, data breaches and ransomware can bring a fleet to a standstill, especially as the number of attacks increased by 55% in 2023. Without reliable technology to back them up, drivers are at risk on the road, operation and customer data is vulnerable and the IoT devices that are crucial to modern trucking may cease to function.

“All the benefits that have come with the digital transformation of the trucking, transportation and logistics industry are a double-edged sword, if inherent cyber risks are not continually assessed and mitigated” said Kaivan Karimi, global partner strategy and OT cybersecurity lead for the Automotive, Mobility and Transportation Industries at Microsoft. 

According to Karimi, Microsoft sees the transportation industry as highly fragmented from a technical perspective, and based on intelligence Microsoft gathers from across the world’s largest digital footprint—including nearly 78 trillion daily threat signals—applying robust cybersecurity capabilities from the top down is critical. 

“Gaps in cybersecurity are born of disparate solutions, and complexity is the friend of cybercriminals,” remarked Karimi. “Connectivity and visibility require remote access, which if not securely managed can leave assets accessible to bad actors.”

Compounding this challenge is a concerning discrepancy between what transportation companies might perceive as the impact of a cybersecurity breach, versus the reality. “We recently conducted a survey of fleets, and two misconceptions became clear,” said Michael Skraba, sales support engineer, SaaS conversions. “Across the industry, business leaders frequently underestimate the potential impact of a cybersecurity threat. For example, given the prevalence of interconnected systems and dependencies, they might underestimate how long it can take for their operations to recover from security incidents and resulting disruptions.”

In November of 2023, Trucknews.com reported that according to cybersecurity firm Upstream Security, there was a nearly 400% increase in reported automotive cyberattacks between 2017 and 2022. Earlier this year, researchers at Colorado State University reported in a white paper on the subject that vulnerabilities in commercial trucking technologies comprise a major threat to industrial infrastructure. And we’ve previously reported on the critical role mobile device management plays in a fleet’s cybersecurity and on the state of transportation cybersecurity.

Protection Tailored to the Transportation Industry 

The daily lives of billions of people depend on the security and reliability of the global supply chain and the transportation businesses that comprise its links. It’s for that reason that Trimble has maintained a long-standing relationship with Microsoft and deployed several of our most important solutions on Microsoft Azure, including the SaaS versions of TMW.Suite TMS, TruckMate TMS and TMT Fleet Maintenance accessible via Trimble’s Transportation Cloud. 

“Trimble solutions use Microsoft Azure to provide our customers a powerful combination of industry-leading transportation expertise and cutting-edge cloud security,” said Sejal Kadakia, Vice President of Microsoft Partnership for Trimble. “There are numerous vulnerabilities to consider when it comes to devices, data and even vehicles. Our collaboration ensures that Trimble's customers benefit from the robust security infrastructure of Microsoft Azure, protecting transportation operations and data from ever-evolving threats."

Microsoft Azure is a cloud-based platform that offers computing power and cybersecurity functions to support the access, management and development of applications, data and services. By using Microsoft Azure, we combine our industry solutions and experience with the most up-to-date and reliable cybersecurity infrastructure. 

Some of the features and benefits provided through Microsoft Azure include:

• • Backup and recovery capabilities at data centers globally
  • Extensive security protocols
  • Less capital cost for hardware or server rooms, cooling systems, space for server racks, and miscellaneous equipment required for a modern IT infrastructure
  • Lower costs for IT personnel and software licenses
  • Flexibility to address business cycles and scalability to handle changing workload volumes
  • Support from integrated solution and Infrastructure-as-a-Service (IaaS) teams with expertise in the latest technologies

Trimble’s Transportation Cloud, as certified by third-party security review organizations, is both SOC 2 Type 2 and ISO 27001 compliant. Both designations indicate that the platform has passed a rigorous audit designed to detect any vulnerabilities in its administrative and technical security controls.

As a matter of course, the Trimble Security Operations Center scans everything for vulnerabilities and viruses, encrypts all data and backups where possible, and manages users and implements multi-factor authentication protections. The 24x7x365 operation includes on-call crisis management supported by executives, forensics specialists, security engineers and data architects.

“The most common customer questions we receive during the transition to cloud-based solutions are focused on data access and security,” Skraba related. “As an essential part of our approach to cybersecurity to ensure fleet safety and operational data integrity, we offer various levels of access to our SaaS solutions, including the ability to modify database objects through SQL Server Management Studio and SQL Execute tools.

“Trimble also takes every precaution to ensure that data is secured to the highest standards,” Skraba continued. “To provide additional peace of mind for customers backups are made throughout the day, including hourly transactional logs. Our Trimble cybersecurity team can also quickly cut over to a completely new architecture and site for safety.”

The Future of Transportation Cybersecurity 

“We’re focused on providing Trimble customers with a full cybersecurity portfolio. Our product and security teams working as one are continually making our platform and solutions as secure as possible,” Karimi said. “That even includes employing people whose job it is to try and damage Azure on a regular basis. Then we can proactively go and fix any part of our infrastructure that may be exposed.”

That’s no small feat or easy job, Karimi noted, because given enough time and resources, brilliant but devious hackers can break any security system. And he pointed out, there are other reasons for growing concern as well.

For starters, more cybercriminals have joined the fray, including growing groups of organized criminals, and bad actors supported by deep-pocketed nation-states. More sophisticated tools are also readily available to hackers on the dark web while Artificial Intelligence is helping them accelerate the pace of attacks on a variety of businesses.

The result is that the frequency and sophistication of cybercrimes is growing exponentially, and the impacts are becoming more drastic. But while the stakes are increasingly higher, fleets can rely on Trimble’s dedicated resources, deep knowledge of the industry and fleet operations, our team’s response time, and our partnership with Microsoft, including a dedicated group of their professionals.

“You cannot get this kind of expertise elsewhere in this industry,” Skraba said. “We are firmly focused on providing cybersecurity capabilities, tools, technologies, and resources that help assure operational integrity and on-road safety.”

With Trimble and Microsoft Azure, keeping necessary doors and windows into the interconnected devices and systems that trucking, transportation and logistics operations, and their vehicles and drivers, depend on can be done more safely and securely every day.

To learn more about Trimble’s Cloud-enabled solutions and how they can optimize and protect your operation, contact our team for a no-obligation discussion or demo.