It always shocks me, how private some people feel, when being on the road. I myself have written hundreds of E-Mails on a train, read plenty of confidential prensentations, heck even worked on (probably) classified documents for my customers. It took me about four years and this nice foil that 3M sells for a magnitues more expensive than the production price could possibly be in order to realize that this is wrong.
Most of my fellow travellers however still mistake trains / airplanes and the according train stations / lounges / gates for something they are not: a private work environment.
Probably none of them would ever think about disclosing their health status via phone on the train, though they deal with data sometimes even more sensitve than that on a daily basis in public.
I turned this into a kind of sport. I try to find out for which company the person sitting next to me is working by just glimpsing on the notebook screen every now and then.
Physical security is one of the couterstones of every security concept, so is controlling access to corporate information. I’ve worked with major companies on this topics, I’ve helped selling a vast amout of technologies to acomodate this, though the simplest of all rules – keep private things private – seems to not apply in public transport.
I remember a nice comic that a large german computer magazine (c’t) printed a couple of years ago, showing a businessman in a crowded subway reading out his credit card’s digits and security information to his secretary over the phone – followed by “but don’t use anything less than AES-256 encrypted SSL connections”. Yeah, right. For all who thought that this was something that could never happen: it happened to me just a couple of weeks ago in a train, not with a credit card, but with Google Mail login + password.
Phone conversations tend to be more public than notebooks; though noone barely leaves the seat when recieving or even placing a phone call nowadays. I’ve not learned about passwords, IT projects, live breakups on the phone, but also about various erotic adventures (or at least chances not taken), familiy matters and views on colleagues or superiors.
Of course the ever-working businessman just HAS to be reachable and work all the time; that’s at least what the big telco companies, smartphone vendors, notebook producers want us to believe. But please: have you ever been so important that working on a concept or answering a phone call couldn’t wait 3-4 hours? If yes, have you had the chance to finish said document or place said call hours, days or weeks before traveling?
See? Procrastination is a big problem, more and longer travel times combined with us being told to feel guilty to not work when traveling adds up to the problem. But the easy solutions, like discipline, privacy or not doing anything for a moment just don’t come that easily to one’s mind. Maybe it’s the people’s fear of not being important?
And now for something completely different:
I’ve decided to try to a) blog a little bit more, b) try to focus on security related topics (for more presonal things, you can follow my twitter account) and c) try to reach a broader audience by switching the language.
Hope you’ll enjoy.