Traveling for work is a regular occurrence for many of us. Most of the time, traveling for client meetings, conferences, team meetings and other work-related activities also means taking a laptop or other portable devices traveling too. These devices could easily include your company’s IP, strategic plans, financials or other sensitive enterprise assets.

With this in mind, it is critical for security professionals to ensure that the right policies and controls are in place to help defend the organization’s information assets, whether they are ingressing and egressing over your network or traveling through airport check-ins, around turnstiles and, eventually, on the red-eye flight home.

Let’s take a look at some best practices that you can apply today to help protect your organization on the road.

Before You Go

Endpoint protection begins even before devices leave the confines of the traditional perimeter. An integrated endpoint security strategy is required to ensure that patches are current, vulnerabilities are known and addressed, and antivirus and antimalware measures are in place. You need a security solution that manages and secures your endpoints across the globe, wherever they are.

Data protection includes regularly backing up devices and leveraging strong disk encryption to further defend any stored data. In the event that a device is lost and cannot be recovered, these measures can help further protect enterprise assets and safeguard business continuity.

Watch the Webinar: 5 Advantages of Cloud-Based SIEM for Security Intelligence and Operations

On the Road

While on the road, travelers should take extra precautions to ensure that portable devices are within sight or securely stowed at all times. Passing through busy airports and other checkthroughs introduces opportunities for loss or theft. A nonpermanent bright sticker can help distinguish your device, keep it in sight and prevent mix-ups with other travelers.

Public Wi-Fi should be used with caution, and never without sensitive information passing through virtual private network (VPN), at a minimum. Disabling file and print sharing, as well as noncritical plugins, is advised, and only then should trusted sites be traversed over secure protocols.

An open laptop on a plane, in a cafe or in densely populated areas can invite unwanted views. Most phones today have resolutions sufficient to take full-screen captures quickly and easily without anyone even noticing. Laptop privacy filters can help limit the risk of visual hacking and should be considered standard issue for those traveling with laptops for work.

Traveling Light in the Clouds

I prefer traveling light. The fewer things that I have to bring on a trip, the better. That includes data on my laptop.

Before traveling, identify and delete or move any sensitive data that is not required on the trip from your laptop or other portable device. Leveraging thin clients, configured correctly, can equate to a stronger overall remote security posture.

Additionally, by adopting a secured and shared cloud file repository, you can limit the need to travel with sensitive files on your device. In cases where it is not advisable to download files to a device in-country, you may use a USB drive, share it, and then securely dispose of it after it is no longer needed.

Protecting Your Enterprise Assets

It is imperative to proactively monitor all the devices deployed in the field. Organizations of all sizes are recognizing the need for a coordinated security operations and response approach to understand and manage threats within and beyond the traditional perimeter.

Effective monitoring and management of the deployed field includes, at its heart, security intelligence and analytics to scale effectively. Managing one endpoint can be challenging, but managing thousands or more requires an orchestrated approach. With intelligent, eyes-on monitoring of all assets on the network, chief information officers (CIOs), chief information security officers (CISOs) and information security directors are best positioned to respond to existing threats and defend against future ones, whether on-premises or remote.

In the event that a device in the field is damaged lost or stolen, a well-prepared and dynamic response plan can mean the difference between a smaller loss and one with broader financial and business continuity implications. Preferably, this plan also includes run books that can escalate the incident to the proper analyst and notify the legal team. In general, these playbooks can be used to direct IT professionals to take the appropriate next steps quickly and with precision.

Protective measures, when properly executed before, during and after hitting the road, can greatly increase the likelihood of a safe and successful journey. The next time you are facing travel for work, you can help ensure that only the most secure enterprise practices are along for the ride.

Watch the Webinar: 5 Advantages of Cloud-Based SIEM for Security Intelligence and Operations

More from Intelligence & Analytics

BlackCat (ALPHV) Ransomware Levels Up for Stealth, Speed and Exfiltration

9 min read - This blog was made possible through contributions from Kat Metrick, Kevin Henson, Agnes Ramos-Beauchamp, Thanassis Diogos, Diego Matos Martins and Joseph Spero. BlackCat ransomware, which was among the top ransomware families observed by IBM Security X-Force in 2022, according to the 2023 X-Force Threat Intelligence Index, continues to wreak havoc across organizations globally this year. BlackCat (a.k.a. ALPHV) ransomware affiliates' more recent attacks include targeting organizations in the healthcare, government, education, manufacturing and hospitality sectors. Reportedly, several of these incidents resulted…

9 min read

Despite Tech Layoffs, Cybersecurity Positions are Hiring

4 min read - It’s easy to read today’s headlines and think that now isn’t the best time to look for a job in the tech industry. However, that’s not necessarily true. When you read deeper into the stories and numbers, cybersecurity positions are still very much in demand. Cybersecurity professionals are landing jobs every day, and IT professionals from other roles may be able to transfer their skills into cybersecurity relatively easily. As cybersecurity continues to remain a top business priority, organizations will…

4 min read

79% of Cyber Pros Make Decisions Without Threat Intelligence

4 min read - In a recent report, 79% of security pros say they make decisions without adversary insights “at least the majority of the time.” Why aren’t companies effectively leveraging threat intelligence? And does the C-Suite know this is going on? It’s not unusual for attackers to stay concealed within an organization’s computer systems for extended periods of time. And if their methods and behavioral patterns are unfamiliar, they can cause significant harm before the security team even realizes a breach has occurred.…

4 min read

Why People Skills Matter as Much as Industry Experience

4 min read - As the project manager at a large tech company, I always went to Jim when I needed help. While others on my team had more technical expertise, Jim was easy to work with. He explained technical concepts in a way anyone could understand and patiently answered my seemingly endless questions. We spent many hours collaborating and brainstorming ideas about product features as well as new processes for the team. But Jim was especially valuable when I needed help with other…

4 min read