Taking your computing on the road has never been easier. Laptops have been miniaturized into full-functioning netbooks, people prefer iPads to netbooks, and full-featured smartphones are capable of standing in for a computer whenever called upon to do so. What with WiFi hotspots proliferating everywhere and 3G making up for WiFi in other places, working everywhere you go might have become easier; but keeping your data safe while you do that just became harder. Have you ever been at a crowded airport and had some businessman next to you speak loudly into his phone making a room reservation or something, telling the reservation clerk all about his credit card number, security code and everything else in a way ten people around you could hear? When it comes to sensitive information security, best practices just became harder to follow.
Apart from being loudmouthed with your entire financial life on the phone in public, there are quite a few other ways in which information security best practices are hard to follow when you carry your office around in your pocket. The antivirus companies report that over the last three months alone, criminals designing malware for smartphones have come to market with twice as many “products” as before. Some companies have had so much trouble with having sensitive company information stolen from smartphones belonging to executives on the road that they’ve built up a policy where any employee traveling out of town is required to pick up a separate device from the company. This phone will usually have nothing that the company would mind losing. Companies sending executives out to developing countries, especially, find that need to be careful. These countries often have very lax regulations that malware designers are able to exploit.
Sometimes, data thieves have other ways of getting in. Typically, they’ll try to bribe housekeeping staff at hotels where business travelers stay. Those hotel employees will try to infect a laptop or a smartphone that a business traveler has left lying around in his room. For data security, best practices involve having business travelers themselves exercise a bit of caution. Often, they will post their entire travel plans on Facebook and open up opportunities for thieves. Sometimes they’ll just sit at a public Internet terminal at an airport or elsewhere and key in personal information. Almost always, those public terminals are infected.
People traveling on business shouldn’t forget that in the area of data security, best practices require whole disk encryption. Nothing can get safer than that.