Securing Your Enterprise Assets While Traveling for Work

Traveling for work is a regular occurrence for many of us. Most of the time, traveling for client meetings, conferences, team meetings and other work-related activities also means taking a laptop or other portable devices traveling too. These devices could easily include your company’s IP, strategic plans, financials or other sensitive enterprise assets.

With this in mind, it is critical for security professionals to ensure that the right policies and controls are in place to help defend the organization’s information assets, whether they are ingressing and egressing over your network or traveling through airport check-ins, around turnstiles and, eventually, on the red-eye flight home.

Let’s take a look at some best practices that you can apply today to help protect your organization on the road.

Before You Go

Endpoint protection begins even before devices leave the confines of the traditional perimeter. An integrated endpoint security strategy is required to ensure that patches are current, vulnerabilities are known and addressed, and antivirus and antimalware measures are in place. You need a security solution that manages and secures your endpoints across the globe, wherever they are.

Data protection includes regularly backing up devices and leveraging strong disk encryption to further defend any stored data. In the event that a device is lost and cannot be recovered, these measures can help further protect enterprise assets and safeguard business continuity.

Watch the Webinar: 5 Advantages of Cloud-Based SIEM for Security Intelligence and Operations

On the Road

While on the road, travelers should take extra precautions to ensure that portable devices are within sight or securely stowed at all times. Passing through busy airports and other checkthroughs introduces opportunities for loss or theft. A nonpermanent bright sticker can help distinguish your device, keep it in sight and prevent mix-ups with other travelers.

Public Wi-Fi should be used with caution, and never without sensitive information passing through virtual private network (VPN), at a minimum. Disabling file and print sharing, as well as noncritical plugins, is advised, and only then should trusted sites be traversed over secure protocols.

An open laptop on a plane, in a cafe or in densely populated areas can invite unwanted views. Most phones today have resolutions sufficient to take full-screen captures quickly and easily without anyone even noticing. Laptop privacy filters can help limit the risk of visual hacking and should be considered standard issue for those traveling with laptops for work.

Traveling Light in the Clouds

I prefer traveling light. The fewer things that I have to bring on a trip, the better. That includes data on my laptop.

Before traveling, identify and delete or move any sensitive data that is not required on the trip from your laptop or other portable device. Leveraging thin clients, configured correctly, can equate to a stronger overall remote security posture.

Additionally, by adopting a secured and shared cloud file repository, you can limit the need to travel with sensitive files on your device. In cases where it is not advisable to download files to a device in-country, you may use a USB drive, share it, and then securely dispose of it after it is no longer needed.

Protecting Your Enterprise Assets

It is imperative to proactively monitor all the devices deployed in the field. Organizations of all sizes are recognizing the need for a coordinated security operations and response approach to understand and manage threats within and beyond the traditional perimeter.

Effective monitoring and management of the deployed field includes, at its heart, security intelligence and analytics to scale effectively. Managing one endpoint can be challenging, but managing thousands or more requires an orchestrated approach. With intelligent, eyes-on monitoring of all assets on the network, chief information officers (CIOs), chief information security officers (CISOs) and information security directors are best positioned to respond to existing threats and defend against future ones, whether on-premises or remote.

In the event that a device in the field is damaged lost or stolen, a well-prepared and dynamic response plan can mean the difference between a smaller loss and one with broader financial and business continuity implications. Preferably, this plan also includes run books that can escalate the incident to the proper analyst and notify the legal team. In general, these playbooks can be used to direct IT professionals to take the appropriate next steps quickly and with precision.

Protective measures, when properly executed before, during and after hitting the road, can greatly increase the likelihood of a safe and successful journey. The next time you are facing travel for work, you can help ensure that only the most secure enterprise practices are along for the ride.

Watch the Webinar: 5 Advantages of Cloud-Based SIEM for Security Intelligence and Operations

Share this Article:
Chris Collard

Program Director for QRadar Cloud, SaaS and MSSP, IBM Security

Chris is an information security professional with over 15 years of experience managing information systems and services. He is a Certified Information Systems Security Professional (CISSP) and holds a Certificate of Cloud Security Knowledge (CCSK) from the Cloud Security Alliance.