2 min read

Four Things To Know About Information Security Before Selecting a TMC

Four Things To Know About Information Security Before Selecting a TMC

Travel — both domestic and overseas — goes hand in hand with modern-day business life. However, it’s important to understand potential information security concerns before selecting a travel management partner.

Learn about the top four risks during business travel so you can make informed decisions, plan accordingly, and mitigate risks.

Data Made Vulnerable

Thanks to laptops, smartphones and the myriad other devices that keep us connected, today’s workforce is extremely mobile. For as many benefits as these technological advancements have ushered in, they also pose significant risks to organizations — be it equipment and data loss or customs and security clearance issues — especially when company policies aren’t strictly followed or enforced. During travel, cyber-criminals can gain access to personal information, company data and company networks.

Airport Theft

Among the riskiest locales for theft during business travel is airports. Unless valuables are kept in sight at all times, they are easily subject to theft. That includes when you’re passing through security and if items are placed in cargo or stashed in overhead bins. What’s more, border agents — as confirmed by the Department of Homeland Security — are legally allowed to search through files, including on laptops, smartphones and any other digital device, when you enter the country. No reasonable cause is required. Officials can then keep any found data and devices, and they can require you to provide passwords while devices are encrypted.

Public Hotspots

When traveling, it’s common to use public hotspots — whether in airports, cafes or business centers — as a means to access the Internet. But doing so significantly increases the risk of data compromise since it’s common to find spyware on devices and USBs can also be a source of infection. What’s more, hackers can — and do — set up fake WiFi networks as a means to capture sensitive information.

International Laws and Corruption

International travel is a regular reality for employees at most corporations. In the case of authoritarian regimes, however, governments may attempt to view mobile devices and international media using inherent ideologies to justify it.

Then there’s the matter of corrupt officials, who may — for example — demand that a “tax” is paid in order to maintain possession of devices. Travelers have no choice, really, but to pay, in the meantime leaving their technology subject to information theft.

To prevent unwanted access and theft, employees should limit the presence of sensitive data, first and foremost. Meanwhile, corporations must capitalize on remote access security measures via means like SSL VPN, along with RSA key fobs. Additional precautions must be in place, too, since every destination is different and what works in one may not work in another. Added considerations include alarming or tagging equipment, enlisting remote data deletion technologies, using multi-factor access authentication and employing secure online storage solutions.

When travel arrangements are outsourced to a business travel agency, it is imperative that you select a travel management company like AmTrav that is committed to information security, using only systems that are secure and robust. Be sure to work only with a TMC that properly protects company assets, including data and employee information; has established and effective access control procedures, and provides information only on a need-to-know basis. Meanwhile, it is vital that employees understand their personal responsibilities when it comes to traveling with corporate and personal data.

 

By: Jennifer O.

Keep your AAdvantage with AmTrav

Keep your AAdvantage with AmTrav

Starting May 1 AmTrav will be one of the few “preferred agencies” where your travelers can earn AAdvantage Miles and Loyalty Points toward status, as

Read More
Whose Problem Is It?

Whose Problem Is It?

On AmTrav's NDC webinar last week Jeff and Cory shared some insight about how competing TMCs are trying to implement NDC, the technology that gets...

Read More