Go Back  FlyerTalk Forums > Travel&Dining > Travel Technology
Reload this Page >

what companies ask employees to destroy laptops that have been touched by TSA or CBP?

what companies ask employees to destroy laptops that have been touched by TSA or CBP?

Old Feb 23, 2016, 9:22 pm
  #31  
 
Join Date: Dec 2003
Location: PHL
Programs: AA EXP, Marriott Lifetime Plat, SPG Plat, AMEX Plat, Hertz PC, Travels too Much Platinum
Posts: 3,290
Originally Posted by superangrypenguin
Untrue. Hibernate is a complete machine power off. If used with an encryption technology, say BitLocker + TPM, then Hibernate + Complete Power off = same risk profile.
The real problem there is one of user education - most don't know/care/remember the difference between standby and hibernate, so it's easier to do something such as disable the hibernation capability in the OS and tell users to do a full shutdown.

I work a lot of data breaches. We see stuff taken in the general manner of the video all the time, and from companies who "never thought they would be a target". I have had so many discussions that start off with company execs telling me "we just make ___, no one would bother to take our intellectual property/customer lists/pricing etc". The fact is, if you make money, even in lower margin businesses, someone else would like to make that money but not have the burden of innovation to do it. Why innovate if you can take? China is hardly the only offender here, but it does happen a ton there, and anyone in 2016 who does not assume their systems aren't compromised by default when they're traveling will almost inevitably be compromised soon - or already is.

The fact is that if you're somewhere where the opposition - with or without government assistance - can steal your stuff, they very well might. Business travelers tend to be easy to identify for all kinds of reasons (appearance, mannerisms, accent/language, etc) and most are not well enough versed in operational security to mount any kind of effective defense. And if the government at the destination is abetting or behind it, they may have already identified your pending arrival via passenger manifests, hotel reservations, or even public sources such as speaker lists at conferences, allowing even better planning.
phlwookie is offline  
Old Feb 24, 2016, 3:59 pm
  #32  
Suspended
 
Join Date: Jun 2009
Location: YYZ
Programs: AC E50K (*G) WS Gold | SPG/Fairmont Plat Hilton/Hyatt Diamond Marriott Silver | National Exec Elite
Posts: 19,284
Originally Posted by phlwookie
The real problem there is one of user education - most don't know/care/remember the difference between standby and hibernate, so it's easier to do something such as disable the hibernation capability in the OS and tell users to do a full shutdown.

I work a lot of data breaches. We see stuff taken in the general manner of the video all the time, and from companies who "never thought they would be a target". I have had so many discussions that start off with company execs telling me "we just make ___, no one would bother to take our intellectual property/customer lists/pricing etc". The fact is, if you make money, even in lower margin businesses, someone else would like to make that money but not have the burden of innovation to do it. Why innovate if you can take? China is hardly the only offender here, but it does happen a ton there, and anyone in 2016 who does not assume their systems aren't compromised by default when they're traveling will almost inevitably be compromised soon - or already is.

The fact is that if you're somewhere where the opposition - with or without government assistance - can steal your stuff, they very well might. Business travelers tend to be easy to identify for all kinds of reasons (appearance, mannerisms, accent/language, etc) and most are not well enough versed in operational security to mount any kind of effective defense. And if the government at the destination is abetting or behind it, they may have already identified your pending arrival via passenger manifests, hotel reservations, or even public sources such as speaker lists at conferences, allowing even better planning.
I don't disagree (e.g. I agree). I just wanted to point out that nuance as that poster wasn't 100% spot on. No harm, no foul
superangrypenguin is offline  

Thread Tools
Search this Thread

Contact Us - Manage Preferences - Archive - Advertising - Cookie Policy - Privacy Statement - Terms of Service -

This site is owned, operated, and maintained by MH Sub I, LLC dba Internet Brands. Copyright © 2024 MH Sub I, LLC dba Internet Brands. All rights reserved. Designated trademarks are the property of their respective owners.