How Travel Buyers and IT Managers Collaborate to Secure Sensitive Company Data
Global business travel spending reached $1.33 trillion in 2017 and is forecast to advance another 7.1 percent in 2018. As this investment continues to rise, it’s increasingly important to help business travelers protect sensitive company information while they are in transit. The cost of neglecting this risk is high, as a single data breach costs an average of $3.62 million.
Travel buyers within large companies do more than negotiate supplier agreements. They set travel policies that can help reduce an organization’s risk. As such, both IT managers and travel buyers have an important role to play in data security. By coordinating efforts, they can ensure that business travelers are trained, equipped and updated on best practices to help keep personal and company information safe while traveling.
While most companies invest in IT security, a serious oversight in some companies is spending millions to protect their digital data while ignoring the threat of lower-tech hacking techniques. This risk is heightened for employees working while traveling, but it can be mitigated by educating travelers and providing resources to help protect data displayed on their screens.
The following are some measures designed to reduce the visual, verbal, digital and physical exposure of data, protecting key information and thwarting opportunistic hackers. These behaviors and tools can be incorporated into official practices and procedures by IT managers – and travel buyers can reinforce in communications.
Developing better situational awareness: Business travelers are their own first line of defense when it comes to data privacy and security. Whenever possible, they should try to position themselves in a way that limits what other people – or devices – can see, hear or record. They should consider multiple vantage points, including people above them (e.g., on balconies and upper levels) or within “zooming” distance, as well as the locations of security cameras.
Securing screens with privacy filters: Privacy filters help protect what’s on laptop or mobile device screens by blocking unauthorized side views – a particularly useful tool for travelers that spend a significant time in crowded waiting areas or in transit on planes, trains and ferries.
Locking devices when not in use: All computers and mobile devices should be password-protected as a basic security measure, but employees should be required to do so anywhere they access company information. This measure is only effective if they also make sure to lock the device whenever it is not in use – even for short periods of time.
Implementing physical locks and alarms: Physically locking briefcases and carry-ons provides an extra layer of security against opportunistic snatch-and-grab incidents. In addition, laptop alarms are available that combine software with a physical alarm attached to the device. If the device is lost or stolen, the alarm goes off loudly.
Traveling with juice-jack protectors and personal charging devices: Juice-jack protectors can be attached to the end of a USB cord to help protect against skimmers when travelers are charging their devices in public places. If possible, providing personal charging devices to frequent travelers will limit their need to use public chargers at all.
Using portable Wi-Fi hotspots and/or a company VPN: Open or publicly-available Wi-Fi leaves travelers vulnerable to numerous methods of hacking. Ideally, frequent travelers should have their own personal hotspot device to access their own Wi-Fi, but a company VPN can also provide greater protection on an open network.
Carrying a travel-only laptop: This may not be possible for all travelers or companies, but providing laptops dedicated solely to travel, with the minimum amount of data needed for each trip, offers an advantageous way to limit access to sensitive information.
By working together and using all tools at their disposal, travel buyers and IT managers can help business travelers understand and prioritize their safety and security.