Did you know that when international business travelers re-enter the United States, customs officials have the right to seize their devices, duplicate the contents and return them to their owners days later?
Of course, all of that puts your company’s sensitive information at higher risk of exposure. Outside of the U.S., customs officials in many countries may demand access to laptops, smartphones and tablets and view the data they hold, from documents and emails to web browser histories and call logs. Officials can transfer copies of that information to their government’s systems, placing it outside of an organization’s control and protection.
IT admins and business owners should take the proper steps to help employees protect any sensitive business information stored on devices before anyone crosses a border. Here are four tips to keep in mind.
1. Use Multiple Tools to Protect Travelers' Data
Ensure that before employees travel, they check with IT about travel precautions. Also require employees to use multiple strategies to keep sensitive data off their devices. Some companies offer virtual desktop infrastructure services for remote access to data and applications, allowing sensitive data to stay within a virtual OS controlled by the company. The data is never stored on an employee’s laptop or any other device, so customs officials won’t be able to see it.
2. Deploy Storage Encryption Technology
Storage encryption blocks sensitive information from trespass. But even if a device is password-protected, forensics tools can access stored data if encryption isn’t used. Laptops need full-disk encryption to ensure that only authorized users boot them or access data. Use file or folder encryption applications to protect data even after a device has booted. Ensure users also apply storage encryption to removable media.
3. Store Data Only in Authorized Locations
While working in other countries around the world, employees may create new files containing sensitive company data. Make sure business travelers understand that they must place those data files in a location where they will be adequately protected; for instance, they should save files in designated folders on the laptop or device or with secure, cloud-based file storage services that are preapproved by the company.
4. Don’t Store Credentials on Devices
If officials access a traveler’s device, they may also access passwords stored in web browsers and other applications. That gives them access to the employee’s online presence and puts sensitive company information at risk. Avoid storing passwords on a device and set up a unique, dissimilar password for each account. If customs accesses the passwords, files and other data, users should report it immediately.