Travel safety and security are becoming increasingly important in all companies. Travel related risks need to be managed in a holistic way.
Several concerns for business travellers
For business travellers there is often more urgency with these issues, as business interruption is an issue, along with greater concern about more severe incidents like kidnapping, terrorist attacks, and epidemics like Ebola and Zika. The increasing value of companies’ data as intellectual property also brings concerns about IT security and cyber threats while travelling.
Duty of care
Nordic companies are becoming more and more international, resulting in more employees both travelling and working abroad. The employer needs to take the possible implications into consideration, from ethical and legal perspectives.
“Duty of care means the employer’s comprehensive obligation to take care of its employees. It is both a legal and a moral obligation. Duty of care is emphasised when employees travel and work in foreign environments. It is about the employer ensuring that the employees are adequately protected while under employment, be it at home or abroad”, If’s EB (employee benefits) underwriter Hannele Sääksvuori says.
Duty of care consists of several different areas, and by considering and fulfilling these, the employer can ensure that the duty of care is carried out.
Careful planning and preparation
On a general level, planning can mean an up-to-date travel instruction, which is more in-depth than just the hotel category and reservation rules. The travel instruction creates the grounds for ensuring that nothing happens, as well as the framework for if something does. This means instructions to ensure that everyone knows who needs to act and how if something were to happen. These instructions should include crisis plans for more severe incidents.
Up-to-date information on the safety of the destination country, both gathered for the destinations and specifically for the trip, is another crucial part of preparing and planning. This should contain health safety information, such as possible epidemics and other health threats, and information on the political situation and other everyday safety concerns at the destination.
The state of the travelling employee’s health also needs to be considered e.g what possible acute or chronic health issues might affect travel or increase the risks while abroad. This is, of course, an area to be sensitive about, remembering privacy as much as possible.
Furthermore, it’s important that all planning, instructions etc. are documented as proof of duty of care.
Work safety and safety while travelling
Work safety at the destination is also an important fact to consider: what kind of environment the employee will be placed in, what kind of safety measures are in place in case of accidents, and what kinds of risks are included in the commute, and so on.
Safety while travelling, meaning safe transport and accommodation, is also to be considered: what kind of transport is chosen for travel to/from the airport and at the destination, and how safe this is; and what kind of accommodation is available at the chosen destination and what possible safety concerns might be related to that. Travelling in known dangerous areas or destinations has to be considered in more detail, and more detailed instructions need to be given.
“Ensuring that the travelling employees are adequately insured is one of the key factors in duty of care. The employer needs to make sure that the insurance coverage is sufficient and relevant, and one needs to ensure that special circumstances are also covered, such as ambulance flights to the home country in case of emergencies”, Hannele Sääksvuori says.
Another important thing to consider is a professional and capable partner in emergency services. Considering distance and time differences, this is often the first contact for the employee and an invaluable help in big and small emergencies.
“Cyber threats and the need to consider IT security are increasing fast. A company’s value is more and more tied to intangibles like data, intellectual property, and technology. This also brings an increased risk of cyber threats and theft. These are issues that need to be considered in every aspect of the company’s operation, but travel is an area where safety might be more easily compromised”, If’s chief information security officer, Peter Granlund, says.
There are a few easy areas to consider when trying to guard against cyber threats while travelling.
When it comes to keeping your devices secure, a simple rule goes a long way: don’t let your devices out of your sight. When travelling, keep your electronic equipment in your carry-on luggage to avoid potential in-flight loss or damage. Remember, too, not to leave valuable or sensitive electronic equipment lying around in your hotel room. Always lock up electronic equipment when it is not in use.
Password protection does not keep your devices from being stolen but will protect intellectual property. Always use passwords on all devices, and ensure that device encryption is enabled on computers and Android devices (it is done automatically on iPhones and iPads).
Even with password protection and encryption, thieves might try to hack into stolen devices. Enabling settings that erase all data if the password is entered incorrectly ten times can help ensure that no data can be accessed if the device gets stolen.
The importance of backups
To keep your data safe, also activate cloud backups of photos, emails, documents, and settings. Even if your device is stolen, if you have a backup then you don’t lose valuable data.
A few more useful tips are to keep your computer updated, so that all operating systems and applications run smoothly and securely, and to write your name and local address on the screensaver with a reward, in case the device is lost, making it more likely to be returned to you if it is found by someone after a theft.
Wi-fi and mobile security
“In addition to the physical devices, the connections used are a major threat to the security of your data”, Peter says.
“One of the clearest things is to stay away from unsecured networks. This includes public wi-fi at airports, railway stations, and cafes. This is especially important if you are accessing sensitive data such as internet bank or payment services”, Peter continues.
The risk with open wireless networks is that you never know who is connected and, in the worst-case scenario, eavesdropping on your traffic. Most of the major services on the internet today use encryption to protect login and subsequent traffic, but if you log into a service that does not use it, someone who is eavesdropping may see sensitive data in plain text.
In addition, if someone were to set up a wireless router with the same name as a known network, such as “Airport Wi-Fi”, your devices may automatically connect to that router if the signal is stronger. Then the person controlling the router can see the places you visit and can redirect your traffic to a page of their own, designed exactly like the original, but which actually steals your login details or gives the attacker access to your data. All of this can happen without you noticing it.
“Since June 15, 2017, the cost of so-called roaming, when traveling in other countries, has been removed within the EU, Norway, Iceland, and Liechtenstein. Since it is much harder to attack mobile networks than wi-fi networks, accessing data that is sensitive or has great personal or financial value should be done over 4G or 3G networks”, Peter says.
VPN a good security measure
One good security measure is to use a virtual private network, VPN.
In a VPN, the data traffic from your device is sent via an encrypted connection to the VPN provider’s internet connection, regardless of whether this is done over an unprotected wireless network or not. This makes it much more difficult for an attacker located close to you to eavesdrop on or redirect your data traffic.
Furthermore, should the VPN gateway that sends and receives your internet traffic be located in your home country, you may find it possible to access content that is not accessible outside your home country, such as streamed TV and radio channels. It is important to keep in mind that in some countries it is illegal to use VPN, so it is good to check in advance.