Brace yourselves. Customs and Border Patrol agents can detain you, ask you to unlock your phone or any other electronic device and leave with it to download all your data and do a thorough search on it before giving it back to you. Yes, it is a shock, considering they can do it without a warrant. Quincy Larson just wrote an article about this, which shocked us, but made us value the way we do things. Let me elaborate.
I’m not going to rewrite Quincy’s article, which you can find here. But I will tell you the gist of what he wrote. He starts by stating that it doesn’t matter how much security you use to encrypt your devices, if someone has physical possession of them and intimidates you to unlock them.
Quincy then mentioned the case of a US-born citizen that happens to be a scientist at NASA. Customs and Border Patrol agents detained him when he was flying back to the US from Chile. They told him that they would only release him if he gave them the password to unlock his phone. The fact that the phone belonged to NASA and had sensitive information meant nothing to them. He had no alternative but to unlock it. They then took it and gave it back to him after half an hour.
Customs and Border Patrol agents have software that can access absolutely everything in a phone, including the photos you have on social media, the WhatsApp messages you send, any documents saved on it, and more. Anything that is open by unlocking the phone can end up in a government computer.
The scariest part is that this is legal! The fourth and fifth amendment rights are not applied because the US border is outside of US jurisdiction. Quincy gave some good advice on how to protect yourself as an individual.
We are going to tell you how to protect your enterprise data. I mentioned earlier that we were happy about the way we do things. We already knew that many BI solutions are federated, meaning they keep data in separate users’ domains (i.e. their desktops, laptops, tablets, etc.) and that this poses a threat to data security. Keeping data in users’ domains potentially increases the chance of a data breach or leak. But hearing about this Customs and Border Control practice makes it so much more dangerous.
If users travel with their work computer or tablet, or if they keep data on their phones (mobile BI trending and all), there is a risk of sensitive data ending up on a government computer. And then, because of the practice to share data between government departments, if the information is available to less protected offices (like “a police station in the middle of nowhere”, thanks Quincy for illustrating this so well) it can be hacked and leaked.
The best practice is to use a centralized solution that runs on a web-based server, like Necto. This way, your users can travel and you do not have to worry whether the enterprise’s data is at risk. There is no data kept on devices. When you send a dashboard to a colleague, you send them a link to the dashboard, not the data itself. He will be able to access it only if he opens the link and introduces his credentials. And there is always a double log in, so the Necto app will not be casually open the way his Pinterest app might be.
In a case like the one mentioned in the article, the data will not be downloaded into a government computer. And this is just one example of how centralized BI solutions, especially Necto, can enable you to have the most secure and state of the art Business Intelligence.