Travel and technology are natural companions. And no matter where or why we travel, we’re never more than a few feet from our devices — for better or worse. In many ways, technology is itself a form of travel; or at the very least it’s a world-wide window to humanity writ large. But for all the interconnectedness our devices bring, they are not without their pitfalls. They are also windows into us.
Think about everything your phone knows about you — heaven help us all if Siri becomes sentient — from your contacts, to your browsing history, to your deepest darkest secrets (like the fact that you still play Flappy Bird). And then there are the texts, and the emails; passwords; financial details; credit card numbers; social media accounts; photos; and maps that reveal all the places you’ve been just since May — perhaps even parts of your medical history, if you’ve set up your phone’s Medical ID. For the vast majority of travelers we could almost end the article here. As upsetting and difficult as it would be to lose one’s phone in a foreign country, the extent of the damage would be fairly insular.
But what if that phone were a company-issued device instead?
For corporations, the scope of damage is like the footprint of a nuclear bomb. It is potentially catastrophic. If the exact wrong employee at Bank of America loses their phone, the next person to pick it up would theoretically hold in their hands a gateway to 2.39 trillion dollars in assets. Tens of millions of client accounts could instantly hang in the balance. And although not entirely probable, the idea is downright terrifying.
One of the key aspects of cybersecurity is governance: it is taking deliberate, preventative measures to ensure that sensitive data doesn’t end up outside your four office walls. Years ago, when we all turned off our workstations and went home at the end of the night, controlling the dispersion of information was substantially easier. But now we carry our workstations with us, and they’re small enough to fit in our pockets. Company walls, once physical, are now reduced to a metaphor: they end wherever our employees are. Andorra? Zimbabwe?
Corporate travel management (CTM) is a trillion dollar industry for a reason: traveling for business is a 21st century necessity. But so is the technology we use to keep far-flung employees connected to home. The upshot is a cybersecurity nightmare — not unlike blowing on a dandelion, then trying to maintain control of the seeds as they go spinning off in the wind.
Defending these devices as they wander out to all four corners of the globe is not a job for the CTM of yesteryear; it requires concrete, progressive, and aggressive mobile security policies to protect company data from external threats. And as custodians of these devices, it also requires workers to be educated on how to safeguard the technologies entrusted to them.
Be they phones, laptops, or tablets, these technologies are no longer mere tools for communication: they are extensions of our truest selves, work-life included. Most people, if asked about the worst case scenario, would likely belt out one of three answers (if not all): devices gets lost, device gets hacked, device gets stolen. The reality is that the threat potentials are uncountable.
Take, for example, the Transportation Security Administration — gracious host of everyone’s favorite airport pastime: waiting in line. Alongside Customs and Border Protection (CBP), TSA border agents have broad powers when it comes to searching your person… up to and including your devices. The authority with which they are able to act against passengers at airports and borders raises serious concerns of unconstitutionality, with further implications that extend far beyond searches and seizures so as to land squarely in our backyard.
For businesses whose employees are under strict NDA’s, whose company-issued phones might have proprietary information on them (as was the case for one Apple executive), or whose devices may contain HIPAA-protected PHI, one of these searches can amount to a significant breach.
But as troubling as it can be for a company’s security, the employee undergoing the additional security might find themselves in a downright unwinnable situation. Consider the Apple executive mentioned above: his hesitation to unlock his work phone, out of legitimate fear of breaking his NDA, ultimately cost him his Global Entry status and made him the subject of additional screening in the future — not to mention the hour he spent being interrogated by a trio of armed border agents.
This kind of occurrence, though still rare, is becoming more and more of a headache for corporate travelers and the companies that employ them. It’s the sort of situation that a modern, corporate travel management policy would ideally have room for.
The fact of the matter is that cybersecurity threats no longer have to come to your front doorstep to do damage. All they really have to do is get to the devices your employees have on them. Even if you think you can get away with a highly encrypted phone, there’s always the risk that it can fall into the hands of someone who left their scruples at home that morning.
As Aubrey Hepburn once sang, “there is such a lot of world to see.” See it securely with JNT TEK. Contact us today for help preparing to travel with your technology.