DATA SECURITY – PREPARE FOR ‘WHAT IF?’

21 November 2018

The phrase, ‘What if?’ implies being faced with situations, the outcomes of which are unknown. Doing business in foreign lands is fraught with ‘What ifs?’. In today’s high-risk and competitive environments, such situations include potential data breaches.

What if, at airport customs, business travellers are ordered to hand over their devices – laptops, tablets and/or cell phones – plus passwords?

Government agencies – more specifically airport security – have the authority to tell travellers to switch on their devices, provide login information, copy files and confiscate the device if they deem it necessary.

It’s by being prepared for ‘What if?’ situations that stress is alleviated.

Travellers cannot control what the government does with their electronic devices, but they’re able to control what the authorities can access. Encrypting all the devices’ data is a good start, but encryption is by no means fool proof. If ordered to do so, travellers are obliged to provide the encryption key. If it is not provided, they can be detained.

The better option is to have a device with as little information on it as possible. Called ‘vanilla’ devices, they’re only able to connect to confidential data via secure tunnels and formidable authentication. To prevent any information being accessed by others, these vanilla devices should be wiped before going through customs.

A prepaid cell phone that allows the traveller to make calls and texts and access a Wi-Fi connection is another option. This device will ideally not be loaded with the apps and data stored on the traveller’s regular business phone.

In addition, before embarking on their trips, business travellers should ask their IT people to update all software, increase security settings, install encryption software, implement Virtual Private Networks (VPNs) and secure user restrictions.

Device theft is a reality. If the traveller has a ‘find my device’ option, it’s advisable to activate it before embarking. If necessary, have the company’s IT department advise how.

But undoubtedly, the most effective way to protect data while going through customs or from prying eyes while in the foreign working environment is for business travellers to take the bare minimum of devices needed and leave everything else at home.

The new regulations of today and tomorrow may seem stress-evoking. However, in the unpredictable, global environment in which we live and work, the pertinent question is ‘what if’ the regulations were fewer and less stringent? Right now, they are redefining attitudes and behaviour which, over time, may create improved sensitive data security as well as improved security for business travellers themselves.