Security
Last Updated: June 2, 2025
At EFS Fleet, we take the security of your data and our systems very seriously. We implement comprehensive security measures to protect your information and ensure the reliability of our fuel monitoring services.
Our Security Commitment
We are committed to implementing industry-leading security practices to safeguard your data. Our security program is designed to protect the confidentiality, integrity, and availability of your information while providing you with reliable and secure services.
Data Security Measures
We employ multiple layers of security to protect your data:
Encryption
- All data transmitted between your devices and our servers is encrypted using TLS 1.3 protocols
- Sensitive data at rest is encrypted using AES-256 encryption
- Database encryption for all personally identifiable information
Access Controls
- Role-based access control (RBAC) for all system users
- Multi-factor authentication (MFA) required for all administrative access
- Principle of least privilege applied to all access permissions
- Regular access reviews and prompt removal of access when no longer needed
Infrastructure Security
- Hosting in SOC 2 Type II certified data centers
- Network segmentation and firewalls to control traffic flow
- Intrusion detection and prevention systems
- Regular vulnerability scanning and penetration testing
- 24/7 security monitoring and incident response
Hardware Security
- Tamper-resistant hardware design for vehicle monitoring devices
- Secure boot processes to verify firmware integrity
- Regular firmware updates to address security vulnerabilities
- Secure communication protocols between devices and our cloud platform
Security Compliance
Our security program aligns with industry standards and frameworks, including:
- ISO 27001 (Information Security Management)
- NIST Cybersecurity Framework
- SOC 2 Type II
- GDPR (for customers with European operations)
- CCPA (for California customers)
Security Testing and Validation
We regularly test and validate our security controls through:
- Annual third-party penetration testing
- Continuous vulnerability scanning
- Regular security assessments and audits
- Simulated security incident exercises
Employee Security
Our security starts with our team:
- Background checks for all employees
- Security awareness training upon hiring and regularly thereafter
- Confidentiality agreements for all staff
- Clear security policies and procedures
Incident Response
In the event of a security incident:
- We maintain a documented incident response plan
- Our security team is available 24/7 to respond to incidents
- We will notify affected customers in accordance with applicable laws and regulations
- We conduct post-incident reviews to improve our security posture
Security Updates
We continuously improve our security measures to address evolving threats:
- Regular updates to our security policies and procedures
- Prompt application of security patches
- Ongoing monitoring of security threats and vulnerabilities
- Regular updates to this security statement to reflect current practices
Reporting Security Concerns
If you discover a security vulnerability or have concerns about the security of our services, please contact us immediately at:
Email: [email protected]
Phone: (512) 555-0124 (Security Hotline)
We appreciate the assistance of security researchers and will work with you to investigate and address any legitimate concerns.
Back to Home