By  on August 14, 2006

New carry-on baggage restrictions imposed by British authorities following last week's foiled terrorist plot pose a predicament for corporate data security.

Business travelers accustomed to working in the skies can no longer bring computers into the passenger cabin on flights in and out of British airports. Sydney Airport also bans carry-on laptops for U.S.-bound flights, according to Australian press reports. Computers and other electronic devices, which could be used to conceal explosives, must be packed with checked luggage instead.

The restriction flies in the face of standard corporate-data security practice, which requires employees to take company laptops in carry-on baggage, to protect proprietary corporate data from falling into the wrong hands.

In the United States, liquids and gels are banned from carry-on luggage, but laptops are still permitted onboard, except for flights into British airports.

Ahold USA, a $22.6 billion grocery chain and subsidiary of Amsterdam-based Ahold, is familiar with the risk at hand. A laptop containing personal information on retirees enrolled in its pension plan was packed in checked luggage, and lost by an airline in May, according to the Washington Post. Ahold has not modified its laptop security policy.

"Since the new restrictions just occurred yesterday, it is something we will look at immediately. We are going to look at this today," Barry Scher, an Ahold USA spokesman, said Friday.

Also in May, an Internal Revenue Service laptop containing unencrypted personal data of employees and job applicants was packed in checked luggage, and lost.

Last week, only months after thieves stole a laptop containing personal data of 26 million veterans (that laptop was later recovered), another VA laptop containing personal information was reported missing in Florida. "The larger issue is the VA [Veterans Adminis­tration] got popped again, and I don't think this is peculiar to the VA. It's everybody," said Cathy Hotka, principal of Cathy Hotka & Associates, a Washington consulting company.

While some retail and apparel executives are examining their data security policies, others view the new restrictions as an "inconvenience" and are watching to see whether U.S. airports follow suit and ban laptops in the cabin.Lisa Sotto, a partner at the law firm Hunton & Williams LLP in New York, which focuses on privacy, data security and information management issues, said some of her clients revised their corporate security policies last week in response to British restrictions. Among the data security measures she offered for airline passengers with laptops were "encryption, if possible, and password protection at the very least. Laptops should be powered off, not put in hibernation mode." Sotto, who is vice chair of the Department of Homeland Security's Data Privacy and Integrity Advisory Committee, said the ban on carry-on laptops may turn out to be a short-term problem but that will depend on how global events unfold.

As for David Hogan, senior vice president and chief information officer of the National Retail Federation, his advice is to "leave the laptop home." His recommendation would have been the same three years ago, when he was cio of Duty Free Shops. Hogan said many companies have offices based at employees' travel destinations, and they'd be better off accessing company data from those computers after they've arrived, rather than risk transporting laptops in checked baggage.

To continue reading this article...

To Read the Full Article

Tap into our Global Network

Of Industry Leaders and Designers

load comments
blog comments powered by Disqus