Nov 10 2017
Security

4 Tips to Protect Sensitive Business Data at Border Crossings

Help international business travelers in your company protect sensitive information by following these five tips.
Karen Scarfone
by

Karen Scarfone is the principal consultant for Scarfone Cybersecurity. She provides cybersecurity publication consulting services to organizations and was formerly a senior computer scientist for the National Institute of Standards and Technology (NIST).

Did you know that when international business travelers re-enter the United States, customs officials have the right to seize their devices, duplicate the contents and return them to their owners days later?

Of course, all of that puts your company’s sensitive information at higher risk of exposure. Outside of the U.S., customs officials in many countries may demand access to laptops, smartphones and tablets and view the data they hold, from documents and emails to web browser histories and call logs. Officials can transfer copies of that information to their government’s systems, placing it outside of an organization’s control and protection.

IT admins and business owners should take the proper steps to help employees protect any sensitive business information stored on devices before anyone crosses a border. Here are four tips to keep in mind.

1. Use Multiple Tools to Protect Travelers' Data 

Ensure that before employees travel, they check with IT about travel precautions. Also require employees to use multiple strategies to keep sensitive data off their devices. Some companies offer virtual desktop infrastructure services for remote access to data and applications, allowing sensitive data to stay within a virtual OS controlled by the company. The data is never stored on an employee’s laptop or any other device, so customs officials won’t be able to see it.

2. Deploy Storage ­Encryption Technology

Storage encryption ­blocks sensitive information from trespass. But even if a device is password-protected, forensics tools can access stored data if encryption isn’t used. Laptops need full-disk encryption to ensure that only authorized users boot them or access data. Use file or folder encryption applications to protect data even after a device has booted. Ensure users also apply storage encryption to removable media.

3. Store Data Only in Authorized Locations

While working in other countries around the world, employees may create new files containing sensitive company data. Make sure business travelers understand that they must place those data files in a location where they will be adequately protected; for instance, they should save files in designated folders on the laptop or device or with secure, cloud-based file storage services that are pre­approved by the company.

4. Don’t Store ­Credentials on Devices

If officials access a traveler’s device, they may also access passwords stored in web browsers and other applications. That gives them access to the employee’s online presence and puts sensitive company information at risk. Avoid storing passwords on a device and set up a unique, dissimilar password for each account. If customs accesses the passwords, files and other data, users should report it immediately.

adventtr/Getty Images

More On

Related Stories

Close

See How Your Peers Are Moving Forward in the Cloud

New research from CDW can help you build on your success and take the next step.

Click Here to Read the Report