Find answers, ask experts and talk with the procurement community
Do you want to deliver savings faster, reduce risks and transform functional performance?
Industry leading events
Inspirational leading procurement thinkers and innovators, providing unique opportunities to network and share best practice.
Almost one-third (31%) of travel buyers reported increasing concerns of threats to data privacy and security among colleagues who frequently travel, according to research conducted by the Association of Corporate Travel Executives and Global Business Travel.
Recent cyberattacks, including the high-profile ransomware attack that affected the UK’s National Health Service (NHS), have placed the integrity of corporate security measures and the risks posed to those people travelling for work firmly under the spotlight.
The primary objective of communication security is the preservation of the following requirements:
There are seven categories of threats, according to the US National Institute of Standards and Technology, which can prevent these requirements being met:
There are several techniques available to IT system designers to help them ensure their internal systems are protected. One of these is to ensure that secure protocols are implemented on all channels used to communicate with the system. We are probably all familiar with the lock symbol and "https" that replaces the "http" in the address box on our browser when purchasing goods online. What many will not know is that indicates that a security protocol is being used on the communications channel between you and the web server.
This security, or cryptographic, protocol should carry out, at a minimum, the following functions:
The most commonly used secure protocols use asymmetric cryptography for authentication of key exchange, symmetric encryption for confidentiality and message authentication codes for message integrity.
When thinking about how your employees stay connected while travelling abroad, your chosen solution should use encryption methods associated with wireless networks and mobile data. If procuring global roaming devices, they should piggyback on best practice in the telecommunications and internet industries, which would give little or no exposure to a hacker to get access an employee’s device and expose sensitive corporate data.
Importantly, a would-be hacker would have difficulty knowing where to start if there are no publicly available administrative interfaces to the back-end systems and no user interface to the roaming device itself.
Brendan McKenna is CTO of Uni-Fi Global. Uni-Fi Global provides roaming devices enabling secure, 4G connectivity at local rates worldwide
This contributed article has been written by a guest writer at the invitation of Procurement Leaders. Procurement Leaders received no payment directly connected with the publishing of this content.