Skip to main content

two people looking at a computer screen

Geotab Security, Trust and Telematics Privacy

Trusted by organizations in both the public and private sector for end-to-end telematics data security.

Read our Security Policy

Geotab’s approach to effective data security

Geotab strongly values the trust our customers put in us to keep their data secure. Our end-to-end security approach extends from the training of our employees to our devices and regular internal audits, enabling us to be proactive in keeping you safe against new cyber threats. We follow a number of rigorous protocols and processes to protect our clients’ information and are trusted by many of the world’s most security-conscious organizations, including the General Services Administration (GSA). With the GSA, we have a multi-award schedule and blanket purchase agreement.

 

Resiliency is another critical component of our security lifecycle, which is why we constantly monitor our systems for potential vulnerabilities and work closely with cybersecurity leaders to advance our industry as a whole. We’ve made it our mission to help organizations achieve their data protection and telematics goals at the same time, powering a more efficient and sustainable world in the process.


security lifecycle graphic

Our End-to-End Security Lifecycle

  • Routine Employee Security Training
  • Incident Response Plan Optimization
  • Designing Solutions and Loading Firmware
  • Maintaining Certifications and Authorizations
  • Server Security Management and Development
  • Regular Process and Environment Testing

The Geotab security lifecycle: Data protection that transcends your fleet

employee responsibility image

Employee responsibility

security incident training

Security incident training

access and system monitoring

Access & system monitoring

Penetration testing

Penetration testing

Vulnerability scans

Vulnerability scans

Ongoing security audits

Ongoing security audits

Business continuity planning

Business continuity planning

Granular access controls

Granular access controls

Privacy mode feature

Privacy mode feature


A proven track record of quality data privacy, trust and compliance

Over 20 years of experience in secure fleet management

security lock logo

Reducing telematics privacy risks

Geotab takes customer telematics privacy extremely seriously, using detailed vulnerability testing to better protect information and reduce the potential for security breaches. Control your Geotab data as you see fit and use it to further your fleet’s efficiency.

trusted data security logo

Trustable data security processes

With rich experience in data security and our diverse ecosystem of security partners, Geotab’s reputation in telematics data protection is world-leading. We’re a pioneer in using the latest security resources to keep our customers’ information locked down.

compliance logo

Internal and external compliance

We comply with and stay updated on data standards related to both our own internal protocols and any regional laws. Our robust checks and balances system around security helps our customers have strong confidence in all of our intrusion protection methods.


telus employee using a tablet

Case Study

Discover why TELUS chose Geotab’s secure telematics platform

Improving fuel economy by 10% and keeping fleet information protected

 

TELUS relies on our fleet management software and stringent data security processes to run operations that are better protected against noncompliance and security risks.

Explore the case study

Press Release

PICCASO Canada: Data Partnership Award

Geotab has a world-class data privacy program, as evidenced by the strong trust our clients put in our data management practices. We're also committed to driving innovation and partnering with technology leaders to deliver effective and secured solutions for our customers. Our Data Partnership Award we received at Canada's 2024 PICCASO Awards gala formally recognizes our collaboration with other industry pioneers.

Learn more
Picasso Awards canada 2024 winner


The Geotab security standard: Adherence to the highest security and compliance processes

Fedramp compliance

FedRAMP Authorization

Our data security processes and environments are audited by a third-party assessor and recognized as FedRAMP-authorized. FedRAMP authorization enables us to serve federal government organizations and uniquely meet their precise cybersecurity needs.

FIPS Validated 140-2

FIPS 140-2 Validation*

Cryptographic modules within Geotab GO devices are compliant with FIPS 140-2 standards. This compliance level keeps our hardware congruent with the needs of government agencies that need to protect their data during the collection, storage and transmission phases.

ISO/IEC 27001 Information Securty Management

ISO/IEC 27001:2013

Geotab’s Information Security Management System is documented as being compliant with the standards required for ISO/IEC 27001:2013. This security certificate verifies that our applications, internal processes and GO hardware devices are in line with accepted global information technology standards.

Cyber Essentials Certified logo

Cyber Essentials Certificate

Our Cyber Essentials Certificate of Assurance was awarded to us when a third-party agency audited our cyber attack ICT defense mechanisms. Our processes were found to be compliant with Cyber Essentials’ proper implementation profile.


An undisputed leader in telematics security

Geotab’s uncompromising stance on data encryption

To keep customer data more protected at all times – whether it’s in the process of being sent or stored – we use a combination of end-to-end firewalls and encryption methods.

  • Internal controls on who is allowed to access certain databases
  • RSA 2048 algorithm safeguards tracking devices from impermissible firmware
  • Communications are verified prior to data being sent or received
geotab godevice

Our Security Experts

Neil Cawse profile picture

Neil Cawse

Geotab CEO
Alan Cawse profile picture

Alan Cawse

Chief Security Officer & EVP of Technical Operations
Dirk Schlimm profile picture

Dirk Schlimm

EVP of Legal & Compliance Management
laurence prystawski profile picture

Laurence Prystawski

General Counsel
derek saunders profile picture

Derek Saunders

AVP of Security
jason perry profile picture

Jason Perry

VP of Technical Services

Geotab’s telematics security in action

Peruse our library of content resources to learn more about our data policies, how customers have achieved success with our platform and how we adhere to the highest telematics security standards available.


FAQs

Your data is yours to use as you see fit. Geotab will not dictate who it can be shared with or how it is used. 

Geotab only accesses customer data for technical support and maintenance purposes, but access is restricted only to the specific personnel that need it. Data is never shared with third-parties. You determine the level of access your data has.

The specific permissions of these account types can be customized to your organization’s preferences, allowing you to determine different employee access levels.

Yes. Geotab follows the guidelines in the GDPR, a data protection law implemented by the European Union (EU) in May of 2018.

Yes. Geotab conducts both regular penetration tests and vulnerability scans of all our servers and platforms. Our latest applications are also routinely provided to a number of external security researchers for independent examinations.

The cryptographic modules within Geotab devices are FIPS 140-2 validated. An industry standard AES-256 encryption algorithm also protects the communication channel between the secure Geotab Gateway server and device, helping prevent data interception and break-in attempts.

Yes. Geotab uses two-factor authentication via a security assertion markup language (SAML) and single sign-on (SSO).

All Geotab employees must take regular security awareness training and we employ a limited-authorization plan regarding internal data access. We also have a strictly defined internal process we follow in the unlikely event of a security incident, where the event is reported, communicated to affected parties, rectified and documented. Transparency is in our core values and we take every step possible to prevent security incidents from occurring.

View last rendered: 07/16/2024 10:22:42