Be Safe: a practical guide for business trips

Check to verify the completeness of this article.

Introduction

The protection of intangible capital has become an increasingly important concern for businesses:

  • commercial or strategic data
  • search results
  • expertise…

All these assets will normally be managed by the security policy implemented in the company. But what happens when such data moves beyond the walls of the company? Business trips involve particular danger for the information security of these types of data. Specific precautions need to be taken.

Once on the road, it is important to be aware of the risks and threats associated, for example, with the use of laptops and mobile phones.

This guide provides clear and simple guidance to reduce the risks associated with the loss, seizure or theft of business data.

The Ministry of the Economy and Foreign Trade also offers training sessions to encourage business travellers to adopt best practices in information security.

When going on a business trip, take precautions:

Before the trip

Before going on a business trip, we advise you to familiarise yourself with the local social, economic and cultural situation.

Travellers may also be exposed to significant physical risks abroad. It is necessary to take precautions. Visit the website of the Ministry of Foreign Affairs “Travel Advice” section (safety tips for travellers).

It can also be useful to familiarise yourself with local legislation and with the entry and exit regulations. This information may be important for staying safe during your trip.

Documents

To limit the damage of loss or theft of documents or data, take only the information essential for the trip.

Whenever possible, always keep credit cards, traveller’s cheques, passports and other forms of identification in different pockets when travelling.

It is preferable to keep your passport on your person at all times. It is also recommended to make 2 copies of the main page of your passport:

  • one copy to be taken on your trip, kept separate from your passport;
  • the second copy to be left in the country, with a trusted person.

Data

A “travel” laptop is recommended, with a minimal configuration, only holding the data and software required for the trip.

Before leaving, it is important to back up your data and delete your internet browsing history, including cookies, photos and videos. You should also use strong passwords with a minimum of 10 characters.

Data protection:

Sensitive information on electronic media must be encrypted.

USB flash drives:

  • It is highly recommended that you save all confidential documents on a USB flash drive to be kept with you at all times.
  • A second USB flash drive can be used for presentations or to share documents, thus avoiding theft or loss of critical documents.

Warning: Some local laws prohibit the use of encryption software or even the importing of encrypted data. Check before you leave.

Social networks

You are advised not to announce a business trip on social networks like Facebook, Twitter or LinkedIn. It would also be very ill-advised to post information such as the reason for the trip, your destination, hotel, schedule, any contacts and accompanying persons on these networks.

During your trip

During your trip, you should apply the following rules:

  1. Always secure data by avoiding leaving laptops and mobile phones unguarded. Anti-theft cables are recommended for laptops, especially when attending trade shows.
  2. Documents that are no longer needed should be destroyed, rather than merely thrown away. This prevents them being recovered by others.
  3. Business relationships: remain alert when sharing information with potential partners and ensure that your contacts can be trusted.
  4. Mobile phones: care is needed when sending sensitive information (SMS, emails, photos, documents) by mobile phone, as it can be intercepted. The only way to protect them is to use an encryption system like ‘pgp’ for emails or ‘securetext’ for SMS. You should also ensure:
  • that you do not talk about sensitive matters by mobile phone;
    • that you use a VoIP client via VPN, if you must have a sensitive conversation.
  • that you do not leave your mobile phone unattended;
  • if you must leave your mobile unattended, remove the SIM card and memory card and battery and keep them with you.

Detect manipulations

During your trip, you should learn how to detect manipulations. Thieves often simply exchange one device for another similar one, so that the theft is not immediately apparent. It is advisable to place a distinctive mark on all equipment. This way any theft will be noticed immediately.

Protect confidentiality

Hotels and taxis offer no guarantees; confidential conversations should be avoided in these places. Equipment or documents containing sensitive data should not be left in hotel safes. Likewise, be aware that communication networks in public places, hotels or business centres are likely to be monitored.

How to deal with theft

If you have to deal with such a situation, immediately list what has been stolen and file a complaint with the local police authorities.

Also inform your employer and your IT department if computer equipment and/or media containing confidential information have been stolen.

Contact your insurance company and declare the theft against you and immediately instruct your bank to cancel your bank cards.

Inform the embassy or consulate of your country if your passport has been stolen.

After the trip

Did you adhere to all the security instructions before and during the trip? Well done. On your return, a final check-up is required, along with some precautionary measures:

  • start with an inventory of all your data and removable media;
  • report any security-related matter during your trip involving you or one of your colleagues to your management;
  • before logging in to your electronic equipment (computer, USB flash drive, external hard drive, CD/DVD) on your company’s internal network, have it checked for any malware by your IT department.
  • Completely wipe your trip computer in preparation for your next trip.
  • Change any passwords used during the trip.