Groustra notes that world phones -- those that support multiple standards -- work best. Although when he worked at Vantage he occasionally gave employees 4G LTE devices for special purposes -- if a traveling employee wanted to create a hotspot so several people could share connectivity, for example.
Of the risk vs. cost debate, Groustra says, "It's a tricky balance. Like any company, we had to watch the bottom line. We didn't want to go with the most expensive option, but we wanted to have multiple options because we didn't want [our guides] to be out of touch."
It's no surprise that more and more companies are turning to encryption to keep data safe when their employees travel overseas. They're using encrypted hard drives to safeguard data on laptops and encryption apps to protect company files and user data stored on smartphones' SD RAM cards.
Phil Cox, director of security and compliance at SystemExperts, says clients have told him stories about foreign customs officers taking possession of their laptops and claiming that they needed to inspect them. Although the clients said there was no evidence that anything was hacked, the experience left questions in their minds.
With such uncertainty in the air, encryption makes sense. But from a legal point of view, encryption can pose problems. Specifically, taking an encrypted device into some countries can violate international laws.
"Some countries have restrictions on what type of information you bring in. There are certain countries where encrypted data isn't allowed. And in some cases, coming in with a laptop with an encrypted hard drive is breaking local laws," says Greg Bell, principal and global services leader for information protection at KPMG.
The laws are complex; even countries that currently prohibit individuals from bringing in encrypted devices or data will allow it under certain circumstances with permits or prior permission from government agencies. (Of course, determining which government agencies can grant that permission can be a complicated task in itself.)
According to IT security experts, the countries that prohibit and/or require special permits for encryption include Belarus, China, Hungary, Israel, Russia and Saudi Arabia. (Travelers may want to check the State Department's list of country-specific information, where restrictions on digital data are sometimes -- but not always -- listed under "Customs Information.")
Richard E. Mackey Jr., vice president of consulting at SystemExperts, says prudent companies shouldn't allow workers to carry around too much sensitive information, encrypted or otherwise.
He recommends that IT departments make it a policy to know what each traveling worker has on his or her computer and other mobile devices and keep only what's absolutely necessary for a particular business trip. And that information should be encrypted.
What do you do if the country your employee is visiting prohibits encryption? Consider the cloud.
Bell says some companies are now storing sensitive data in the cloud rather than on laptop drives and equipping their road warriors with secure VPN connections that allow them to access material when they need it.
— Mary K. Pratt
Pratt is a Computerworld contributing writer in Waltham, Mass. You can contact her at marykpratt@verizon.net.
Read more about Staff Management in Computerworld's Staff Management Topic Center.
Free Insider Guide
IT organizations that fail to gain traction as leaders in business innovation may soon end up as nothing more than legacy ERP system baby sitters. CIOs need to move up the food chain quickly -- or move on. Insider (registration required) more
Copyright © 1994 - 2013 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
