Traveling for work is a regular occurrence for many of us. Most of the time, traveling for client meetings, conferences, team meetings and other work-related activities also means taking a laptop or other portable devices traveling too. These devices could easily include your company’s IP, strategic plans, financials or other sensitive enterprise assets.

With this in mind, it is critical for security professionals to ensure that the right policies and controls are in place to help defend the organization’s information assets, whether they are ingressing and egressing over your network or traveling through airport check-ins, around turnstiles and, eventually, on the red-eye flight home.

Let’s take a look at some best practices that you can apply today to help protect your organization on the road.

Before You Go

Endpoint protection begins even before devices leave the confines of the traditional perimeter. An integrated endpoint security strategy is required to ensure that patches are current, vulnerabilities are known and addressed, and antivirus and antimalware measures are in place. You need a security solution that manages and secures your endpoints across the globe, wherever they are.

Data protection includes regularly backing up devices and leveraging strong disk encryption to further defend any stored data. In the event that a device is lost and cannot be recovered, these measures can help further protect enterprise assets and safeguard business continuity.

Watch the Webinar: 5 Advantages of Cloud-Based SIEM for Security Intelligence and Operations

On the Road

While on the road, travelers should take extra precautions to ensure that portable devices are within sight or securely stowed at all times. Passing through busy airports and other checkthroughs introduces opportunities for loss or theft. A nonpermanent bright sticker can help distinguish your device, keep it in sight and prevent mix-ups with other travelers.

Public Wi-Fi should be used with caution, and never without sensitive information passing through virtual private network (VPN), at a minimum. Disabling file and print sharing, as well as noncritical plugins, is advised, and only then should trusted sites be traversed over secure protocols.

An open laptop on a plane, in a cafe or in densely populated areas can invite unwanted views. Most phones today have resolutions sufficient to take full-screen captures quickly and easily without anyone even noticing. Laptop privacy filters can help limit the risk of visual hacking and should be considered standard issue for those traveling with laptops for work.

Traveling Light in the Clouds

I prefer traveling light. The fewer things that I have to bring on a trip, the better. That includes data on my laptop.

Before traveling, identify and delete or move any sensitive data that is not required on the trip from your laptop or other portable device. Leveraging thin clients, configured correctly, can equate to a stronger overall remote security posture.

Additionally, by adopting a secured and shared cloud file repository, you can limit the need to travel with sensitive files on your device. In cases where it is not advisable to download files to a device in-country, you may use a USB drive, share it, and then securely dispose of it after it is no longer needed.

Protecting Your Enterprise Assets

It is imperative to proactively monitor all the devices deployed in the field. Organizations of all sizes are recognizing the need for a coordinated security operations and response approach to understand and manage threats within and beyond the traditional perimeter.

Effective monitoring and management of the deployed field includes, at its heart, security intelligence and analytics to scale effectively. Managing one endpoint can be challenging, but managing thousands or more requires an orchestrated approach. With intelligent, eyes-on monitoring of all assets on the network, chief information officers (CIOs), chief information security officers (CISOs) and information security directors are best positioned to respond to existing threats and defend against future ones, whether on-premises or remote.

In the event that a device in the field is damaged lost or stolen, a well-prepared and dynamic response plan can mean the difference between a smaller loss and one with broader financial and business continuity implications. Preferably, this plan also includes run books that can escalate the incident to the proper analyst and notify the legal team. In general, these playbooks can be used to direct IT professionals to take the appropriate next steps quickly and with precision.

Protective measures, when properly executed before, during and after hitting the road, can greatly increase the likelihood of a safe and successful journey. The next time you are facing travel for work, you can help ensure that only the most secure enterprise practices are along for the ride.

Watch the Webinar: 5 Advantages of Cloud-Based SIEM for Security Intelligence and Operations

More from Intelligence & Analytics

X-Force Threat Intelligence Index 2024 reveals stolen credentials as top risk, with AI attacks on the horizon

4 min read - Every year, IBM X-Force analysts assess the data collected across all our security disciplines to create the IBM X-Force Threat Intelligence Index, our annual report that plots changes in the cyber threat landscape to reveal trends and help clients proactively put security measures in place. Among the many noteworthy findings in the 2024 edition of the X-Force report, three major trends stand out that we’re advising security professionals and CISOs to observe: A sharp increase in abuse of valid accounts…

Web injections are back on the rise: 40+ banks affected by new malware campaign

8 min read - Web injections, a favored technique employed by various banking trojans, have been a persistent threat in the realm of cyberattacks. These malicious injections enable cyber criminals to manipulate data exchanges between users and web browsers, potentially compromising sensitive information. In March 2023, security researchers at IBM Security Trusteer uncovered a new malware campaign using JavaScript web injections. This new campaign is widespread and particularly evasive, with historical indicators of compromise (IOCs) suggesting a possible connection to DanaBot — although we…

Accelerating security outcomes with a cloud-native SIEM

5 min read - As organizations modernize their IT infrastructure and increase adoption of cloud services, security teams face new challenges in terms of staffing, budgets and technologies. To keep pace, security programs must evolve to secure modern IT environments against fast-evolving threats with constrained resources. This will require rethinking traditional security strategies and focusing investments on capabilities like cloud security, AI-powered defense and skills development. The path forward calls on security teams to be agile, innovative and strategic amidst the changes in technology…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today