Welcome to the SecAware blog

I spy with my beady eye ...

27 Jun 2017

NBlog June 27 - laptop ban [UPDATED]

One of the workplace information risk and security issues worth discussing with management is the possibility of a total ban on portable ICT devices such as laptops, tablets and smartphones by airlines, and perhaps other forms of mass public transport.

At present, some ICT devices are banned from the cabin by some airlines on some routes, but it is not inconceivable that the ban might be extended given escalating terrorism and safety threats. I presume the only reason we are still allowed to take our explosive battery packs on board at all is the inconvenience and customer dissatisfaction that would follow if portable and wearable devices were completely banned - a typical risk-reward tradeoff.

As far as the security awareness program goes, whether and how a ban is extended is inconsequential: the point is to prompt the audience to think about how they would deal with that situation. It's a theoretical exercise at this stage, based on a credible scenario. What effects would it have on business travellers and information, and how might the organization respond? Considering and perhaps figuring that out now may put them ahead of the game if the ban is indeed extended. It's also a glimpse into the wider issues around workplace information security - so much more to this than just locking the office door at the end of a hard day's slog!

Gary (Gary@isect.com)

28 June UPDATE: Mike Eglan argues in Computerworld that we are perilously close to a total ban being imposed immediately, with zero warning, following a terrorist or blazing battery incident. Also Luke Bencie points out in Harvard Business Review that the risk of espionage increases when powerful information-rich people are separated from their ICT devices. Is this the perfect storm?

No comments:

Post a Comment