Top 3 Tips for enhancing your device security

Chiptech devices are designed to store and transmit non identifiable data only. Our products do not contain any personal information relating to a specific user, ensuring their private information is not accessible to unintended parties. We achieve device security by controlling how devices are accessed and by utilising industry recognised communication protocols that contain codes to represent specific events and changes in device status. 

There are a few steps that we recommend are taken to ensure that data stored and sent by Chiptech devices is secured and protected from interference or inappropriate access.

1. Use a Private APN

Chiptech devices communicate primarily over cellular data networks. The most efficient way of securing cellular data during transmission is to setup a Private Access Point Name (private APN) on the SIM cards installed in the devices. The PAPN will route all cellular data traffic to an organisations corporate data network therefore not sharing public data pathways. This approach secures data while it is in transit, and the systems should be designed to reject traffic from unknown IP addresses. Maintaining an up-to-date Allowlist is required to ensure continued access to all connected services.

2. Limit user access to Cloud applications on a need to use basis

Access to SmartCare Cloud, the Chiptech fleet management platform, should be limited to trained users who understand the process of updating devices in the field. This is a powerful software tool that can schedule updates to all devices if a user has an ‘Admin’ level account. To ensure only user who need access are enabled follow the steps below:

    1. Regularly audit the user setup for your organisation, and downgrade their permissions when not required.
    2. Ensure you have a process for removing access immediately when staff members change roles, or leave your organisation.
    3. Make use of Chiptech free training sessions for SmartCare applications, so your users are aware of the benefits and risk associated with each application.

3. Do not share unnecessarily

The Chiptech Wizard desktop application is designed to interface on a one-to-one basis either directly through a cable, or remotely over internet, to update, make a change, or download a log from a base unit. The application is available to download through the Chiptech Web Portal to authorised users ONLY. Chiptech request that this is not shared throughout an organisation, installed on public workstations, or supplied to other parties. Downloading a copy and the related files from the Web Portal regularly ensures the user has the latest versions. There are a few quick tips to be aware of when using the Chiptech Wizard.

    1. Do not enable ‘Dangerous Settings’ without intending to use them.
    2. Follow the Chiptech Wizard Manual guidelines for the installation, updating and security requirements around use of the application.
    3. When using the API for sending SMS, you are responsible for ensuring your PC security.

If you have any questions or concerns about Chiptech product or software security, there are a number of documents available for reference through the customer Web Portal, or please feel free to contact Chiptech support.

You may also like