Tech talk: Security state

A new US administration brings tightened travel security and more intrusive vetting, making for tougher transatlantic travel…

After coming into power, a string of president Trump’s Executive Orders that sought to ban certain Middle Eastern nationals from entering the US caught many by surprise. This was later amended, and confusion still reigns.

More recently in March, his administration banned large electronic devices being carried on planes from specified countries, which was then followed by the UK.

Business travellers have had a lot to contend with. “Ludicrous” is how one travel buyer responds to the device ban. “While security is paramount and non-negotiable, the lack of consistency in its implementation highlights either a severe breach of security or arbitrary process,” they go on to say.

“If there is a real risk, I want to know about it so that I, and my corporate travellers, can make educated decisions on what to do, or not do.”

It’s a common reaction among other travel buyers. Sarah Marshall, travel and security manager at DAI, adds: “The laptop ban is a tough one – on one hand safety is important, but the other hand, this ban seems arbitrary and confusing.”

On top of confusion and potential delays, there are concerns the increased costs for the airports of implementing enhanced security scans will be passed on to travellers, as well as a rise in compensation claims for lost or broken equipment for carriers.

Despite the frustration, one security expert, David Nordell, an analyst and member of the Centre for Strategic Cyberspace & Security Science (CSCSS), believes the ban is here to stay. “Intelligence that I’ve seen suggests terrorists are building battery bombs,” he says.

“It is plausible, as it fits in with what I know about concealed bombs. They are moving towards concealed bombs as there’s a much greater likelihood of success.”

He adds the choice behind Middle East countries is anything but arbitrary, as it is due to the sophistication of security: the region’s airports are lacking compared with their European counterparts. He argues one of the most efficient methods is “psychological screening”, noting Israeli airports where security personnel are specifically trained to look out for behaviour.

The decision to move devices to the hold of the aircraft makes sense, he says, because it factors in an extra step of security. However, he adds: “Have they implemented this properly? No.”

Anti-social behaviour

Nordell also argues airports today “are looking at yesterday’s threat”, explaining how the ban on liquids came after the detection of a single plot. More tomorrow than yesterday is social media. One proposed US ESTA visa amendment seeks to request applicants enter social media profiles.

A Department of Homeland Security filing dated February 21, 2017, proposes the following change: “Please enter information associated with your online presence – Provider/Platform – Social media identifier … This data will be used for vetting purposes, as needed, providing highly trained CBP officers with timely visibility into publicly available information on the platforms associated with the social media identifier(s) voluntarily provided by the applicant.”

Reports also suggest that US customs are requesting that passengers show their phones, and social media profiles – as well as sharing passwords.

In April, John Kelly, secretary of Homeland Security, told the Senate Homeland Security Committee he would keep searching travellers’ mobile phones and electronic devices at US airports.

“People I know are travelling without devices,” Darren Hodder, director of Fraud Consulting, says. “It will be interesting to see how far the US drills down. It’s way above and beyond any other nation.”

Pip English, global product leader – travel risk management at FCM Travel Solutions, says: “The regulatory environment for travelling to the US is in a heightened state of flux… many customers have been unsure of the exact locations affected and under what circumstances the electronics ban applies, others have asked if mobile phones are included, while for business travellers, concern over being able to work on the plane or the safety of their work laptops in the aircraft hold with confidential information on them, have also been concerns raised.”

Listen carefully

Meanwhile, Wikileaks recently revealed alleged classified CIA documents, detailing methods used to hack into smart TVs and website browsers to eavesdrop and extract data from unsuspecting users.

Do we live in an age of paranoia? There appears an underlying theme of surveillance, which in itself is harmful. Are the things that are designed to keep us safe turning against us?

Perhaps so, says John O’Sullivan, marketing director at Key Travel: “If you do want to be rigorous, it will affect your productivity – as you then don’t want to do anything, anywhere.”

Meanwhile, Hodder adds: “There’s a need to be more aware. I hate the term ‘internet of things’ but increasingly more things are online. More information is being shared, so you have to beware of devices.”

So where does the business traveller stand? One travel buyer says: “It’s not easy keeping on top of things when the goal posts move so frequently. There’s a lack of clarity surrounding the Executive Orders. We have to rely on our TMC and security specialist to provide us with up-to-date information.”

TMCs are being increasingly quizzed on the implications. Chris Vice, director of operations at Click Travel, says: “People are aware and just making the most appropriate decision for their flight bookings now… many clients have made checks with their insurance companies to make sure that they are covered for putting electronics, such as laptops, in the hold.”

And for O’Sullivan, it’s not an issue for his NGO customers, who were all “anticipating things with Trump”. “They can respond quickly, that’s their job, they respond on the hoof, it’s what they’re good at,” he adds.

Yet the US president has ushered in a new era of uncertainty. And while TMCs and organisations such as IATA and the GTMC adapt and react quickly with advice, it is only after regulations are put into practice that they become definitive.

As Hodder surmises: “We’re in a bizarre time at the moment. Some of Trump’s attempts to affect travel have been knocked back; it’s all a bit of an unknown.”

Data security checklist

With the electronic device ban in place, and airlines loaning laptops, Richard Bristow, director at Tamite Secure IT, argues businesses must now take even more care to secure commercial and customer data – and particularly in light of the upcoming General Data Protection Regulation (arriving May, 2018). Here’s his checklist…

•    Smart TVs should start to take part in a travellers ‘awareness routine’ in internet-connected hotels.

•    In meeting/conference rooms, business travellers should be aware of the possibility of monitoring from all sources.

•    Turn off Bluetooth devices, only use them in safe, private locations.

•    Businesses should ensure only authorised devices are connected to their networks.

•    Central back-ups should be regularly performed so if a device is lost or stolen it can be removed and shut down. Travellers’ hardware and data can then be replaced securely.

•    Note that public networks are insecure.

Subscribe to the BBT Newsletter

Join the Buying Business Travel newsletter for the latest business travel news.

Thank you for signing up!