Despite the advent of technologies such as videoconferencing which allow international business associates to stay connected from the comfort of their own boardroom, global corporate travel continues to increase. There is therefore an increase in corporate laptops, phones and other devices crossing borders every day, which may be targeted by malicious actors to access sensitive information or hack into networks. This ultimately compromises the ongoing operation and security of an organisation.
The Australian Cyber Security Centre (ACSC) and Australian Signals Directorate (ASD) provide advice regarding travelling overseas with electronic devices, which may assist organisations to secure electronic devices before, during and after overseas travel in order to prevent potential cyber incidents.
Before overseas travel
- If appropriate, staff may be provided with new devices and accounts from a pool of dedicated travel devices
- If appropriate, SCEC-endorsed tamper seals may be applied to key areas of electronic devices (e.g. USB slots)
- Educate staff on best practices including not taking their own personal devices, and conducting inspections to detect tampering
- Keep an inventory of key details of electronic devices being used for travel (e.g. serial numbers)
- Ensure devices are running vendor supported operating systems that have been securely configured
- Configure remote locate and wipe capabilities of electronic devices and ensure they are encrypted
During overseas travel
- Report any loss, suspected compromise or unusual behaviour relating to the device (including multi-factor authentication tokens) to the organisation’s designated security personnel as soon as possible
- Assume any electronic devices that have been taken out of sight (e.g. airport inspections, lost/stolen and later found/returned) are potentially compromised
- Do not allow untrusted persons to use devices, including charging their device using your laptop
- Only use chargers supplied with devices
- Never leave devices unattended, including in check-in luggage or hotel safes
- Store login credentials separately to devices
- Use Virtual Private Network (VPN) connections and avoid use of untrusted Wi-Fi networks
- Use encrypted Voice over IP (VoIP) applications for making calls
- Disable communication capabilities such as Wi-Fi and Bluetooth when not in use
- Do not keep devices in close proximity to sensitive conversations
- Avoid re-using removable media after connecting it to another organisation’s electronic devices
- Ensure removable media provided by other organisations for data transfers are appropriately checked for malware prior to being connected to your devices
- Never use any gifted electronic devices, especially removable media such as USB sticks, both whilst travelling and in Australia
After overseas travel
- If appropriate, reset user credentials used with electronic devices
- If appropriate, monitor user accounts of personnel that had recently travelled overseas for indicators of compromise (e.g. failed login attempts)
- Sanitise electronic devices and removable media
- Decommission multi-factor authentication tokens that left the physical possession of travelling personnel
- If there are suspicions that a device may be compromised, following sanitisation it may be redeployed for purposes that do not pose a security risk, or in extreme cases, decommissioned.
Personnel travelling internationally with corporate electronic devices may present an attractive target to malicious cyber actors, who are aware that strict cyber security protocols are often not employed by business travellers. Following best practices to ensure the security of electronic devices before, during and after overseas travel can help companies to avoid potentially costly cyber incidents.