Olympic Security, China and Intellectual Property
CSO's publisher says you should think twice about employees (or family or friends) headed to China for the Olympics, and what data they might be bearing
By Bob Bragdon
July 16, 2008 — Occasionally it's tough to write a column—not for a lack of topics, but because the topics all seem so old: browser vulnerabilities, more government regulations, the latest and greatest breaches, the Celtics' victory over the Lakers (apologies to Lakers fans, but I'm from Boston), and so on.
Then last month I had dinner with a group of security and technology folks in San Francisco, and Jason Hoffman from Kaiser Permanente handed me a topic on a silver platter. Jason asked what businesses are doing if their employees are attending the Summer Olympics in Beijing. Are organizations securing the corporate secrets that may be on the laptops employees carry into China?
Over the years I have heard many stories from CSOs about their encounters with state-sponsored IP theft and industrial espionage. Those stories, while including many countries, have usually focused on two nations in particular: France and China. It just so happens this year that the Summer Olympics are being held in Beijing, a nation noted for its accelerating economy, utter lack of intellectual property protections and talented intelligence services. This is a risky mix to encounter when you are trying to protect corporate secrets.
Nations around the globe have long focused on stealing corporate IP in order to give their native businesses an advantage. The former Soviet Union was very good at this during the Cold War, and even friendly states have been caught on occasion targeting their allies.
I don't want it to seem that I am China-bashing here, because that is not my point. The point is: What steps are you taking to protect your employees and the intellectual property that they may be carrying with them when they travel abroad? Remember that the Chinese government filters Internet access, preventing those within the borders of China from getting to certain domains that may be deemed contrary to the benefit of the state (think back on the whole Google issue a few years ago). It's not too much of a leap from there to imagining someone snooping around on your computer when you are online in your hotel room or at an Internet cafe.
My advice to you is that you think about these issues, and not just in terms of China. Protecting mobile data is one of the toughest challenges facing CSOs today. I know that most of you are struggling with it. However, a stolen or lost laptop usually just ends up being fenced with little regard for what's stored on the computer. When other nations are involved, they understand that there is a different type of gold in that same laptop that can reap them millions of dollars in benefits.
If you are attending this summer's Olympics, have a great time and make sure you bring a hard copy of CSO magazine to read. After this column, you may have a difficult time accessing CSOonline.com from mainland China. ##
Other stories by Bob Bragdon