Dealing with data security for travelling employees
Business travellers carry an awful lot of data when they're on the go—both personal and corporate. As a travel manager, how can you best equip your business travellers to stay data secure while on the move? Here are some tips.
Business travellers carry an awful lot of data when they're on the go—both personal and corporate. But such constant travel for companies can get tiring, especially if the traveller is severely jet-lagged after getting off a red-eye flight.
In such situations, data security considerations may just go out the window as the exhausted traveller looks for the most convenient options to get things done. For example:
- Logging on to the first public Wi-Fi network detected to text loved ones or HQ
- Recharging a flat mobile phone battery using the nearest free USB charging station
But here's a hard truth: such convenience can come at a price.
It's not difficult for hackers to set up fake but legit-sounding public Wi-Fi networks like "Free Airport Wi-Fi". When you use these, they log your network activity—including the typing of account credentials.
As for getting free power from innocuous-looking USB charging stations, watch out for "juice jacking"! The USB cable provided at the charging station may look innocuous, but it could be quietly installing malware into the device being charged, or copying sensitive data out of it.
Such data security risks that arise during business trips are only the tip of the iceberg. As a travel manager, how can you best equip your business travellers to stay data secure while on the move? Here are some tips.
Supply business travellers with power banks and corporate roaming plans
The reasoning for this is simple: if you provide your business travellers with a supply of power and Internet, they won't have to reach for less trustworthy options!
For good measure, instruct your business travellers that public Wi-Fi networks and USB charging stations are generally off-limits. If they really need to be used, travellers should adopt good data hygiene practices.
For example, this could mean not accessing sensitive data through public Wi-Fi networks. And to prevent juice jacking, USB data blocker adaptors should be used when charging devices at USB charging stations.
Other ways travellers can obtain overseas Internet access include buying local SIM cards on arrival or renting pocket Wi-Fi routers. However, giving them access to the company's roaming plan will save them from having to make a pit-stop to acquire a SIM card or pocket Wi-Fi router on company time.
Just remember to remind your travellers that for safety reasons, power banks have to be placed in their hand-carry luggage instead of being checked in. And if they're taking along power banks customised with the company logo, it wouldn't hurt to nudge them to bring along some brand-new sets as corporate gifts!
Establish company policy on (not) leaving company devices unattended
Next, let's talk about a major target for data theft: the devices themselves.
It goes without saying that business travellers should never, never leave their devices unattended in public. Unless a trustworthy colleague can help keep watch, devices should go where their owners go—even if their owner is "just" going to the washroom.
Not leaving devices unattended in public may sound rather commonsensical, but what about leaving devices in hotel rooms? This also isn't a good idea: despite hotels' attempts to secure their rooms, these rooms can be surprisingly easy to break into with the right tools, or by simply posing as the rightful guest.
For maximum reassurance, you could make it company policy that business travellers are not to leave their devices behind in the hotel. If they have to, they should stow their devices in their hotel room's (bolted down) safe or with the front desk.
The main challenge, however, isn't implementing these rules, but actually having them followed. While you may not be able to be physically present to enforce these rules, writing them down in your corporate travel management plan will go a long way in ensuring that travellers are aware of and will adhere to them.
Store all sensitive data remotely
Despite best efforts, there is a chance that travellers will lose their devices—and the copy of the data stored in them. This may not be so bad if the traveller bricked their work phone after dropping it, but the situation will be a lot worse if the phone had been pickpocketed instead.
To avoid losing data this way, don't store them in devices in the first place. Cloud storage solutions such as Google Drive and Dropbox Business make it easy for travellers to retrieve sensitive data on the move, so long as they have Internet access (but see the above point about not using random public Wi-Fi networks).
As for the management of travel information, here's some good news: there are dedicated apps for that!
For example, Travelstop stores travel data such as flights, bookings and expenses securely for convenient access anytime and anywhere. Business travellers will also appreciate Travelstop's other features such as automated expense reporting, as they won't need to hang on to their paper receipts to file expense reports.
Speaking of paper receipts and other sensitive physical documents that business travellers may accumulate: exhort your travellers to shred these thoroughly when they're no longer needed. They shouldn't be leaving behind a paper trail for the housekeeping staff—or others—to find!
Keeping data safe during business travel
While you may not care about the million photos that a business traveller keeps of his cat on his phone, chances are you'll be extremely worried if that same traveller leaves his work laptop unattended while making a quick dash to the loo.
Company data that ends up in the wrong hands can lead to nightmares on all fronts from legal to PR, so it's important to lay down rules on the proper handling of data during business trips. Communicate these rules to your business travellers via your corporate travel management plan too, so everyone's on the same page.
Don't worry about "going overboard" with your measures either: when it comes to travel for companies, it's better to be (data) safe than sorry!