Over the weekend I received an email from one of our readers who asked: "I travel to China extensively on business and wonder what risk there is for my laptop and/or smart-phone to be compromised by others while I'm there?"
RESPONSE:
First, a general statement: If you are employed by a company indigenous to a developed country; are based abroad, but work for a company based in a developed nation; or handle sensitive business information that may be of interest or use to the Chinese government, you should consider yourself high-risk when traveling inside China.
Although a response in this form cannot be all-inclusive, I would like to offer some suggestions to not only our reader who posed the question, but to our growing readership as well:
RESPONSE:
First, a general statement: If you are employed by a company indigenous to a developed country; are based abroad, but work for a company based in a developed nation; or handle sensitive business information that may be of interest or use to the Chinese government, you should consider yourself high-risk when traveling inside China.
Although a response in this form cannot be all-inclusive, I would like to offer some suggestions to not only our reader who posed the question, but to our growing readership as well:
- Regarding smart-phones in all forms, I would suggest NOT taking them to China if at all possible, given the high risk of their being compromised. Generally, I suggest that travelers print their contact list in hard-copy format before departure and use that list to contact people while in China;
- If smart-phones must be taken to China, they should be turned off as much as possible and not used for voice or email communication;
- If at all possible, try to avoid taking a laptop with you to China. If you must take one, it should only contain the necessary applications and files minimally necessary to do your work. If you must take a laptop with you, it should REPEAT should never leave your possession;
- For voice communications only, purchase a quad-band, GSM UNLOCKED cell phone for voice communications while in China. This phone should NOT be used for email communications on proprietary email systems, as they can be easily compromised. These phones are great in that they'll work anywhere in the world;
- If you must take a laptop with you, it should ALWAYS be shut down when not in use;
- NEVER use hotel business centers for the reproduction of business documents and NEVER use such centers for communicating via email;
- As an alternative to taking a laptop to China with you, consider taking an external drive or a flash-drive that contains the necessary applications and files that are needed;
- Assume that all voice and email communications have been compromised;
- Prior to departure, contact those in China who will be supporting your trip and determine whether they can make arrangements for you to have secure use of computers and email systems while there;
- If you have no support mechanism in China, take a small laptop with minimal applications and files, a quad-band, GSM unlocked mobile phone for voice communications and use a public email account (e.g., gmail, yahoo, etc.) for limited email communications;
- If possible, carry a portable shredder with you for the destruction of all business documents; and
- If traveling to China on business, ensure that you have a business visa.
