Business travel and data security

By Gary Bowerman

Most business travelers understand their company’s technology policy. But on the road, you have so much to think about – basic processes do get neglected.

It began as a casual conversation. Two business travelers in a hotel lounge exchanging words over coffee and laptop screens. But the impeccably dressed man next to me was no ordinary traveler. A former military computer engineer, he had joined a multinational company to fix tech-security issues for business travelers.

During a fascinating two-hour conversation, he recounted sobering stories of travelers losing laptops, misplacing flash drives, encountering malicious viruses from insecure Wi-fi networks and failing to encrypt data that no one else should ever read. He scared me with sinister phrases like identity theft, spear phishing, session hijacking, and packet sniffing.

But the most important thing he told me was this: “Ensuring data security wherever you are is not difficult, but neglecting it is easy. It’s all about mindset.” I grabbed my laptop in my arms and promised never to let go."

Like most business travelers, I try to be ‘connected’ whenever possible – mostly to check and send email, but also to make Skype calls, upload/download files and, yup, I admit it, read newspapers and other (mostly sports!) websites. A strange impulse forces me to instinctively search for internet signals in cabs, boarding flights and while eating in restaurants.

I understand the technological vulnerabilities that this behavior creates, but also face a daily business reality: I need to process a lot of information, no matter where in the world I find myself.

Because of the volume of electronic traffic that passes through our devices daily, data security is a critical issue for anyone on the road. While traveler tracking is increasingly integrated into global travel programs, data security still relies heavily on personal responsibility. And, as humans, we are prone to concentration lapses. Our hearts always sink when airport security forces us to remove a laptop from our carry-on luggage. What if someone else picks it up during the body search?

Even in our modern, tech-enabled world of virtual private networks, MiFi, multi-level passwords, remote back-ups and cloud drives, voice biometrics, and device printing, our precious data is always potentially exposed to theft, distortion and corruption. It seems there is an app for everything these days, but not one that can protect the neglectful traveler.

One key piece of advice I’ve picked up is if you don’t need it, don’t take it with you. It’s easy to carry too much data on a trip, but sensible precautions take just a few moments. Before every trip, I make checklists of the content I will and won’t need while I am away. I then back up all portable devices to separate hard drives and replicate less sensitive items into a cloud drive. Anything business related that I don’t need on my laptop or phone is removed and kept safe from harm.   While traveling, most of us regularly use unsecured Wi-Fi at airports and in hotel rooms and cafés. You can restrict the online operations performed on those networks, and set your browser to ‘HTTPS’ as a more secure default option. This still leaves Gmail (though this, too, can be set to HTTPS default mode), Twitter and Facebook accounts vulnerable to hijacking, but more susceptible online operations such as making banking transactions or sensitive data transfers can be avoided.

These, of course, are common-sense precautions that any technology compliance offer will advise. They are not foolproof and do rely on personal discipline. Beyond these measures, each company will have integrated policies and procedures that aim to protect your data while you traverse time zones.

But as I learned from the man in a hotel lounge: practicing the basic steps can at least keep you alert to the dangers of data or device theft.

This blog has been commissioned by AmEx.

About Gary Bowerman: Oxford-born Gary Bowerman has travelled the world in search of a good story. After cutting his teeth in legal and tax publishing in London, Gary moved on to edit international business and travel titles before relocating to China in 2004. Resident in Shanghai, he has recently been a contributor to CNN Traveller, Business Traveler, CNBC Europe Business, New York

Times, Travel & Leisure,  and South China Morning Post. Editor of the Singapore Highlights and Beijing Highlights guides, Gary is also one of the founders of Hong Kong and Shanghai-based media and marketing communications agency Scribes of the Orient.