Business Travel - Company Laptop Policy?
Discussion
I'm posting here vs. the Computing forum because I want answers from normal people who have no actual interest in IT but who do have a job to do whilst perhaps having to meet IT policies set by their company.
Those of you who travel on business, particularly overseas, especially to some of the more dubious parts of the world (China, Russia etc.) - what is your company policy on what IT kit you can take with you and how you use it please?
For example do you just pick up your regular laptop and off you go, are you issued a laptop specifically for the trip, do you take your data with you, do you take nothing with you and use a VPN etc.
Just trying to get a bit of a feel for what other businesses are doing so it would be useful to get any and all feedback
Those of you who travel on business, particularly overseas, especially to some of the more dubious parts of the world (China, Russia etc.) - what is your company policy on what IT kit you can take with you and how you use it please?
For example do you just pick up your regular laptop and off you go, are you issued a laptop specifically for the trip, do you take your data with you, do you take nothing with you and use a VPN etc.
Just trying to get a bit of a feel for what other businesses are doing so it would be useful to get any and all feedback
bhstewie said:
I'm posting here vs. the Computing forum because I want answers from normal people who have no actual interest in IT but who do have a job to do whilst perhaps having to meet IT policies set by their company.
Those of you who travel on business, particularly overseas, especially to some of the more dubious parts of the world (China, Russia etc.) - what is your company policy on what IT kit you can take with you and how you use it please?
For example do you just pick up your regular laptop and off you go, are you issued a laptop specifically for the trip, do you take your data with you, do you take nothing with you and use a VPN etc.
Just trying to get a bit of a feel for what other businesses are doing so it would be useful to get any and all feedback
I work in financial services and IT security policies are like something from MI5.Those of you who travel on business, particularly overseas, especially to some of the more dubious parts of the world (China, Russia etc.) - what is your company policy on what IT kit you can take with you and how you use it please?
For example do you just pick up your regular laptop and off you go, are you issued a laptop specifically for the trip, do you take your data with you, do you take nothing with you and use a VPN etc.
Just trying to get a bit of a feel for what other businesses are doing so it would be useful to get any and all feedback
To answer your question, I use my normal laptop and BlackBerry (yes, really).
The laptop requires two sets of logon credentials/passwords and I can only use 3G/4G or secure wi-fi with a VPN authentication.
The VPN token is on the BlackBerry which requires one password to unlock and another to obtain the VPN number.
Then, the laptop realises it's online and I need to validate and enter further passwords to access LANs, another for email, and another for internet access.
Progress, eh?
My current contract is with a place that makes stuff that, whilst generically sold to Russia/China, several key elements are very different to what we'd sell in Europe or the States...
Laptops are swapped for 'clean' ones. Emails do not process attachments whilst over VPN. Data sticks are heavily encrypted, with two passwords - one opens the whole thing up, the other only a very limited subset of files.
I've also worked in financial services, and this place is a whole extra level. Although I do know of certain application forms that are originally printed with a few boxes, showing where to sign. The rest of the form is printed on return and the details filled out back in Zurich/Singapore.
The main concern of my current place is the laws that require you to unlock your pc/drives etc. upon request by customs/police. So they set things up so that they can be unlocked/decrypted, yet still keep secrets safe.
Oh, data access is only via pre supplied access dongles, no doubt with some form of additional routing security.
They take this stuff very, very seriously.
Laptops are swapped for 'clean' ones. Emails do not process attachments whilst over VPN. Data sticks are heavily encrypted, with two passwords - one opens the whole thing up, the other only a very limited subset of files.
I've also worked in financial services, and this place is a whole extra level. Although I do know of certain application forms that are originally printed with a few boxes, showing where to sign. The rest of the form is printed on return and the details filled out back in Zurich/Singapore.
The main concern of my current place is the laws that require you to unlock your pc/drives etc. upon request by customs/police. So they set things up so that they can be unlocked/decrypted, yet still keep secrets safe.
Oh, data access is only via pre supplied access dongles, no doubt with some form of additional routing security.
They take this stuff very, very seriously.
bhstewie said:
What are you told regards Wi-Fi.
i.e. you're in the Shanghai Hilton and you see a "Free Wi-Fi" network advertised.
For me, I can't use "free wi-fi" or any open wi-fi via my work laptop. i.e. you're in the Shanghai Hilton and you see a "Free Wi-Fi" network advertised.
It has to be secure. I find some password protected wi-fi works on my laptop (such as at home and client offices) and some doesn't (such as hotel wi-fi).
A techie or some other pointy-head can probably explain why that is.
Normal work laptop is encrypted , email/office connection via secure VPN. Thats it really. I never use Wifi outside the office or home, I tether to my phone as I can usually find a 3G or 4G signal.
Some basic rules when out and about, never leave your laptop with the screen unlocked. If you walk away even if its at your desk you have to lock the screen. If I am in public and Im going to be sat a while then Im expected to lock my laptop to the table/chair using a security cable, same for my bag.
Previous employer required all laptops to be locked to the desk with a cable and combi lock even in the office.
Some basic rules when out and about, never leave your laptop with the screen unlocked. If you walk away even if its at your desk you have to lock the screen. If I am in public and Im going to be sat a while then Im expected to lock my laptop to the table/chair using a security cable, same for my bag.
Previous employer required all laptops to be locked to the desk with a cable and combi lock even in the office.
bhstewie said:
I'm posting here vs. the Computing forum because I want answers from normal people who have no actual interest in IT but who do have a job to do whilst perhaps having to meet IT policies set by their company.
Those of you who travel on business, particularly overseas, especially to some of the more dubious parts of the world (China, Russia etc.) - what is your company policy on what IT kit you can take with you and how you use it please?
For example do you just pick up your regular laptop and off you go, are you issued a laptop specifically for the trip, do you take your data with you, do you take nothing with you and use a VPN etc.
Just trying to get a bit of a feel for what other businesses are doing so it would be useful to get any and all feedback
How can you suggest China is dubious?Those of you who travel on business, particularly overseas, especially to some of the more dubious parts of the world (China, Russia etc.) - what is your company policy on what IT kit you can take with you and how you use it please?
For example do you just pick up your regular laptop and off you go, are you issued a laptop specifically for the trip, do you take your data with you, do you take nothing with you and use a VPN etc.
Just trying to get a bit of a feel for what other businesses are doing so it would be useful to get any and all feedback
Have you been?
How many times?
How long where you there?
vette
Travelled to China etc on business.
Just used standard laptop and VPN. That said - when I was there in 2011 IPSEC VPNs had issues with the great firewall. SSL VPNs worked OK. The situation has likely changed.
Make sure your OS is up to date and run a decent anti virus (if running OS X / Windows).
I'd not worry too much unless you're in a VERY sensitive area - you're pretty unlikely to be targeted. And in which case you really shouldn't be asking people on Pistonheads for advice on this.
Just used standard laptop and VPN. That said - when I was there in 2011 IPSEC VPNs had issues with the great firewall. SSL VPNs worked OK. The situation has likely changed.
Make sure your OS is up to date and run a decent anti virus (if running OS X / Windows).
I'd not worry too much unless you're in a VERY sensitive area - you're pretty unlikely to be targeted. And in which case you really shouldn't be asking people on Pistonheads for advice on this.
uk_vette said:
bhstewie said:
I'm posting here vs. the Computing forum because I want answers from normal people who have no actual interest in IT but who do have a job to do whilst perhaps having to meet IT policies set by their company.
Those of you who travel on business, particularly overseas, especially to some of the more dubious parts of the world (China, Russia etc.) - what is your company policy on what IT kit you can take with you and how you use it please?
For example do you just pick up your regular laptop and off you go, are you issued a laptop specifically for the trip, do you take your data with you, do you take nothing with you and use a VPN etc.
Just trying to get a bit of a feel for what other businesses are doing so it would be useful to get any and all feedback
How can you suggest China is dubious?Those of you who travel on business, particularly overseas, especially to some of the more dubious parts of the world (China, Russia etc.) - what is your company policy on what IT kit you can take with you and how you use it please?
For example do you just pick up your regular laptop and off you go, are you issued a laptop specifically for the trip, do you take your data with you, do you take nothing with you and use a VPN etc.
Just trying to get a bit of a feel for what other businesses are doing so it would be useful to get any and all feedback
Have you been?
How many times?
How long where you there?
vette
Current employer has many instances of Chinese customers 'swapping' certain options/configurations between themselves. Often leading to an un-notified lapse of certification (in an industry you really, really want the training facilities to be properly managed).
It may be fairly low on the physical risks, but technological risks are potentially orange jumpsuit at GitMo level...
uk_vette said:
How can you suggest China is dubious?
Have you been?
How many times?
How long where you there?
vette
China are dodgy as fk to put it mildly.Have you been?
How many times?
How long where you there?
vette
One example, plenty more out there http://www.nytimes.com/2012/02/11/technology/elect...
We're not in a James Bond industry, just a business looking at our approach and it's easy to go a bit mad when you work in IT and come up with something very secure but totally unworkable for the poor sod who's got to live with it - hence the question.
Gassing Station | The Lounge | Top of Page | What's New | My Stuff