Sunday, February 12, 2012

Sensitive Digital Data: These Days, You Can't Take it With You


Though this may change in the future, I haven't travelled much outside the US since joining IBM.  My most recent trip was to three Scandinavian countries, and I have to admit it, I didn't think too much about taking extra security precautions while abroad.

Well, if you know anything about this big company, it's that it does business in almost every country on the planet, and it puts a lot of emphasis on building new business in new and growing markets.

Imagine, as I sometimes do, that I was a senior executive ... or a high ranking military or government official. Then my preparations and precautions might have been a little different.  How different you say?

Try this on for size, from a description of the recent actions of a senior analyst at the Brookings Institute bound for China:
  • "He leaves his cellphone and laptop at home and instead brings loaner devices, which he erases before he leaves the United States and wipes clean the minute he returns" 
  • "In China, he disables Bluetooth and Wi-Fi, never lets his phone out of his sight and, in meetings, not only turns off his phone but also removes the battery, for fear his microphone could be turned on remotely" 
  • "He connects to the Internet only through an encrypted, password-protected channel, and copies and pastes his password from a USB thumb drive" 
  • "He never types in a password directly, because, he said, “the Chinese are very good at installing key-logging software on your laptop” 
Mind you, it's probably wrong, or at least misleading, to single out China here, because unless I'm very much mistaken, every country has access to most of the same technologies. China is different, though, as a great deal of the hardware in laptops and phones is made there.

If you read down through the comments following the article (and there are many) you may light upon one that caught my eye: "So why would your physical location make that much of a difference?" I'm not technical enough to understand all the implications of this question, but my guess is the answer is "not as much as one might think/hope."

Anyway, something to think about from a national security point of view. And as someone who promotes international conferences on energy and security as part of my social media avocation, these issues need to become part of the awareness of everyone in our industry whose travels take them across international borders.

You can read the whole NYT's article HERE. I think you'll find it interesting.  And, hat tip to Ernie H for providing this LINK to recent guidance on laptop security when travelling abroad. Warning: it's a very long list.

Image courtesy of DeclanTM at Flickr.com