Traveling for work is a regular occurrence for many of us. Most of the time, traveling for client meetings, conferences, team meetings and other work-related activities also means bringing along a laptop or other portable devices. These devices could easily include your company’s intellectual property (IP), strategic plans, financials or other sensitive enterprise assets.

With this in mind, it is critical for security professionals to ensure that the right policies and controls are in place to help defend the organization’s information assets, whether they are ingressing and egressing over your network or traveling through airport check-ins, around turnstiles and, eventually, on the red-eye flight home.

Let’s take a look at some best practices that you can apply today to help protect your organization on the road.

Before You Go

Endpoint protection begins even before devices leave the confines of the traditional perimeter. An integrated endpoint security strategy is required to ensure that patches are current, vulnerabilities are known and addressed, and antivirus and antimalware measures are in place. You need a security solution that manages and secures your endpoints across the globe, wherever they are.

Data protection includes regularly backing up devices and leveraging strong disk encryption to further defend any stored data. In the event that a device is lost and cannot be recovered, these measures can help further protect enterprise assets and safeguard business continuity.

Watch the Webinar: 5 Advantages of Cloud-Based SIEM for Security Intelligence and Operations

On the Road

While on the road, travelers should take extra precautions to ensure that portable devices are within sight or securely stowed at all times. Passing through busy airports and other checkthroughs introduces opportunities for loss or theft. A nonpermanent bright sticker can help distinguish your device, keep it in sight and prevent mix-ups with other travelers.

Public Wi-Fi should be used with caution, and sensitive information should never pass over it without, at a minimum, a virtual private network (VPN). Disabling file and print sharing, as well as noncritical plugins, is advised, and only then should trusted sites be traversed over secure protocols.

An open laptop on a plane, in a cafe or in densely populated areas can invite unwanted views. Most phones today have resolutions sufficient to take full-screen captures quickly and easily without anyone even noticing. Laptop privacy filters can help limit the risk of visual hacking and should be considered standard issue for those traveling with laptops for work.

Traveling Light in the Clouds

I prefer traveling light. The fewer things that I have to bring on a trip, the better. That includes data on my laptop.

Before traveling, identify and delete or move any sensitive data that is not required on the trip from your laptop or other portable device. Leveraging thin clients, configured correctly, can equate to a stronger overall remote security posture.

Additionally, by adopting a secured and shared cloud file repository, you can limit the need to travel with sensitive files on your device. In cases where it is not advisable to download files to a device in-country, you may use a USB drive, share it, and then securely dispose of it after it is no longer needed.

Protecting Your Enterprise Assets

It is imperative to proactively monitor all the devices deployed in the field. Organizations of all sizes are recognizing the need for a coordinated security operations and response approach to understand and manage threats within and beyond the traditional perimeter.

Effective monitoring and management of the deployed field includes, at its heart, security intelligence and analytics to scale effectively. Managing one endpoint can be challenging, but managing thousands or more requires an orchestrated approach. With intelligent, eyes-on monitoring of all assets on the network, chief information officers (CIOs), chief information security officers (CISOs) and information security directors are best positioned to respond to existing threats and defend against future ones, whether on-premises or remote.

In the event that a device in the field is damaged, lost or stolen, a well-prepared and dynamic response plan can mean the difference between a smaller loss and one with broader financial and business continuity implications. Preferably, this plan also includes runbooks that can escalate the incident to the proper analyst and notify the legal team. In general, these playbooks can be used to direct IT professionals to take the appropriate next steps quickly and with precision.

Protective measures, when properly executed before, during and after hitting the road, can greatly increase the likelihood of a safe and successful journey. The next time you are facing travel for work, you can help ensure that only the most secure enterprise practices are along for the ride.
