Light Dark
June 8, 2017 By Chris Collard 3 min read
Intelligence & Analytics
Data Protection
Endpoint

Traveling for work is a regular occurrence for many of us. Most of the time, traveling for client meetings, conferences, team meetings and other work-related activities also means taking a laptop or other portable devices traveling too. These devices could easily include your company’s IP, strategic plans, financials or other sensitive enterprise assets.

With this in mind, it is critical for security professionals to ensure that the right policies and controls are in place to help defend the organization’s information assets, whether they are ingressing and egressing over your network or traveling through airport check-ins, around turnstiles and, eventually, on the red-eye flight home.

Let’s take a look at some best practices that you can apply today to help protect your organization on the road.

Before You Go

Endpoint protection begins even before devices leave the confines of the traditional perimeter. An integrated endpoint security strategy is required to ensure that patches are current, vulnerabilities are known and addressed, and antivirus and antimalware measures are in place. You need a security solution that manages and secures your endpoints across the globe, wherever they are.

Data protection includes regularly backing up devices and leveraging strong disk encryption to further defend any stored data. In the event that a device is lost and cannot be recovered, these measures can help further protect enterprise assets and safeguard business continuity.

Watch the Webinar: 5 Advantages of Cloud-Based SIEM for Security Intelligence and Operations

On the Road

While on the road, travelers should take extra precautions to ensure that portable devices are within sight or securely stowed at all times. Passing through busy airports and other checkthroughs introduces opportunities for loss or theft. A nonpermanent bright sticker can help distinguish your device, keep it in sight and prevent mix-ups with other travelers.

Public Wi-Fi should be used with caution, and never without sensitive information passing through virtual private network (VPN), at a minimum. Disabling file and print sharing, as well as noncritical plugins, is advised, and only then should trusted sites be traversed over secure protocols.

An open laptop on a plane, in a cafe or in densely populated areas can invite unwanted views. Most phones today have resolutions sufficient to take full-screen captures quickly and easily without anyone even noticing. Laptop privacy filters can help limit the risk of visual hacking and should be considered standard issue for those traveling with laptops for work.

Traveling Light in the Clouds

I prefer traveling light. The fewer things that I have to bring on a trip, the better. That includes data on my laptop.

Before traveling, identify and delete or move any sensitive data that is not required on the trip from your laptop or other portable device. Leveraging thin clients, configured correctly, can equate to a stronger overall remote security posture.

Additionally, by adopting a secured and shared cloud file repository, you can limit the need to travel with sensitive files on your device. In cases where it is not advisable to download files to a device in-country, you may use a USB drive, share it, and then securely dispose of it after it is no longer needed.

Protecting Your Enterprise Assets

It is imperative to proactively monitor all the devices deployed in the field. Organizations of all sizes are recognizing the need for a coordinated security operations and response approach to understand and manage threats within and beyond the traditional perimeter.

Effective monitoring and management of the deployed field includes, at its heart, security intelligence and analytics to scale effectively. Managing one endpoint can be challenging, but managing thousands or more requires an orchestrated approach. With intelligent, eyes-on monitoring of all assets on the network, chief information officers (CIOs), chief information security officers (CISOs) and information security directors are best positioned to respond to existing threats and defend against future ones, whether on-premises or remote.

In the event that a device in the field is damaged lost or stolen, a well-prepared and dynamic response plan can mean the difference between a smaller loss and one with broader financial and business continuity implications. Preferably, this plan also includes run books that can escalate the incident to the proper analyst and notify the legal team. In general, these playbooks can be used to direct IT professionals to take the appropriate next steps quickly and with precision.

Protective measures, when properly executed before, during and after hitting the road, can greatly increase the likelihood of a safe and successful journey. The next time you are facing travel for work, you can help ensure that only the most secure enterprise practices are along for the ride.

Watch the Webinar: 5 Advantages of Cloud-Based SIEM for Security Intelligence and Operations

 |  |  |  | 
Chris Collard
Program Director for QRadar Cloud, SaaS and MSSP, IBM Security

More from Intelligence & Analytics
September 5, 2024

New report shows ongoing gender pay gap in cybersecurity

3 min read - The gender gap in cybersecurity isn’t a new issue. The lack of women in cybersecurity and IT has been making headlines for years — even decades. While progress has been made, there is still significant work to do, especially regarding salary.The recent  ISC2 Cybersecurity Workforce Study highlighted numerous cybersecurity issues regarding women in the field. In fact, only 17% of the 14,865 respondents to the survey were women.Pay gap between men and womenOne of the most concerning disparities revealed by…

August 21, 2024

Protecting your data and environment from unknown external risks

3 min read - Cybersecurity professionals always keep their eye out for trends and patterns to stay one step ahead of cyber criminals. The IBM X-Force does the same when working with customers. Over the past few years, clients have often asked the team about threats outside their internal environment, such as data leakage, brand impersonation, stolen credentials and phishing sites. To help customers overcome these often unknown and unexpected risks that are often outside of their control, the team created Cyber Exposure Insights…

February 21, 2024

X-Force Threat Intelligence Index 2024 reveals stolen credentials as top risk, with AI attacks on the horizon

4 min read - Every year, IBM X-Force analysts assess the data collected across all our security disciplines to create the IBM X-Force Threat Intelligence Index, our annual report that plots changes in the cyber threat landscape to reveal trends and help clients proactively put security measures in place. Among the many noteworthy findings in the 2024 edition of the X-Force report, three major trends stand out that we’re advising security professionals and CISOs to observe: A sharp increase in abuse of valid accounts…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature