Each week, we seek expert advice to help a small or medium-sized business overcome a key issue.
Next time you receive a package via UPS, know that the delivery van arrived using the most efficient route possible, thanks to technology from an Oakville, Ont.-based company.
On top of that, the seven-centimetre box from Geotab Inc. monitors fuel consumption and helps improve road safety.
Geotab's fleet-management boxes have been installed in more than 550,000 vehicles worldwide, including United Parcel Service's fleet, every PepsiCo Inc. vehicle and some police departments in the United States and Canada.
"Pepsi reduced their number of accidents by around 36 to 38 per cent," says Neil Cawse, who founded Geotab in 2000 after moving to Canada from his native South Africa. He is now its chief executive officer.
By plugging the device into a vehicle's diagnostics port, Geotab can see whether the driver is wearing a seat belt, whether the service-engine light is on and how fast the vehicle is travelling in relation to the posted speed limit.
The company can also pool data and identify dangerous spots on the roads, such as accident-prone intersections or bridges that become icy in winter. "If we can make that data publicly available to the towns and provinces to actually get something done about it, that's another great milestone that we're working toward," Mr. Cawse says.
Geotab is offered mostly through resellers such as Telus Corp. and Rogers Communications Inc. in Canada and Sprint and Verizon in the United States. The company has 215 employees and is growing at about 15 per cent a year, he says. Geotab charges resellers about $50 per device, and clients pay $20 to $25 a month per vehicle to generate reports from the collected data. Annual revenue for Geotab stands at about $100-million.
Mr. Cawse wants to have his devices in 1 million vehicles by the end of 2017. But that could hinge on how these kinds of products are viewed by the public. A number of high-profile hacking cases, such as the one on Jeep vehicles last year, have changed opinions on telematics. (In the Jeep incident, a hacker was able to gain control of vital functions of the vehicle, making it stop unexpectedly on a busy highway, for instance.)
Though Geotab is working with SAE International (Society of Automotive Engineers), the United States' Department of Transportation and the Department of Homeland Security and others to come up with a cybersecurity standard for telematics, that effort won't pay dividends until perhaps three or four years out.
"I'm worried about something coming out of left field," Mr. Cawse says. Another big hack might frighten potential clients and harm the telematics industry.
"In a way, some of that perception is slowing growth down a bit and everybody is worried about what is going to happen next."
The Challenge: How can Geotab ensure that negative publicity for telematics doesn't stand in the way of its 1-million-vehicle goal?
THE EXPERTS WEIGH IN
Emmett O'Reilly, cybersecurity consultant, Kando, Toronto
For Geotab to almost double the size of its customer base by the end of the year may be ambitious. However, if it targets large businesses or partners with a vehicle manufacturer it may be able to achieve its goal.
Many high-profile security breaches have originated through third parties and business partners. Businesses more than ever are scrutinizing the security of technology during their procurement processes. For telematics, as long as the technology does not have the ability to control vehicle settings, there is no inherent physical safety risk to the occupants of the vehicle. Geotab may benefit by having its product and technology certified to security standards including Common Criteria or ISO 27001. Companies will often look for certifications to provide a level of assurance that products are secure and their business partners have adequate security practices.
Nicholas Johnston, professor in the School of Applied Computing, Sheridan College, Oakville, Ont.
I noticed on the company's website that there's absolutely no mention of whether this device is secure. That's a primary concern when you see someone wanting to plug a device into your vehicle.
Geotab should address security in their marketing material and on their website first off. Then they can state that they get regular assessments of both their software and hardware. When was the last time its large Web platform had a penetration test? Has anybody actually assessed the embedded device that goes into the vehicle?
A really quick and easy way is to implement a program that in security we call a bug bounty. The idea is you offer financial incentive for anybody to report security vulnerabilities in your products. Facebook does it, Yahoo does it. Basically then you're drawing all the people with the skills to assess your technology and work with you rather than against you. It ends up being really cheap and it's something that can be implemented quickly and efficiently.
Scott Laiken, managing director, Accenture LLP, Toronto
Part of the challenge for a logistics company is that its fleet consists of a wide range of vehicles. Different manufacturers, different years, different model types. That means they are managing a fleet with various levels of internal security in the vehicles themselves.
There's an opportunity for someone to provide not only a more consistent level of security but also a single point of management of that security. He should take this as an opportunity instead of a headwind. Telematics can offer a single point of access to all your vehicles at one time. We can also build a single point of security and management of that security for an entire fleet. He takes it from being an issue to a benefit of his product, and if he can do that, then the more concerned people get about hacking, the more they want the product.
THREE THINGS THE COMPANY COULD DO NOW
Focus on your own security
Your platform should be as impeccable as it can be.
Make customers aware
Get the message out that Geotab is conscious of security by displaying it on the company website and marketing materials.
By providing proof that its systems and software have certifiable security, customers will be more comfortable with the products.
Follow Report on Small Business on Twitter at @globesmallbiz.
Interviews have been edited and condensed.