Another huge uncertainty factor is smartphone apps on employees’ mobile devices. Many of these allow direct access to sensitive company data, for example on the mobile phone.
According to the business travel association VDR, 65 percent of the companies have not given their employees appropriate guidelines for their use. This is extremely negligent and data security breaches are likely to hold companies accountable. Another underestimated risk are the executives on
It is not uncommon for them to make loud calls, for example in the business lounge at the airport, or to have a clear view of the company on their laptop or tablet, thus literally serving secret data to spies on a silver platter. Here it is important not only to clarify in advance, but also to determine possible sanctions.
Another, not less up-to-date data protection problem arises in particular with foreign assignments in crisis regions. More and more travel service providers are offering traveler tracking tools. With this software, the whereabouts of employees can be determined at the click of a button to organize help immediately in the event of an emergency. For example, if the expatriate goes for a life-threatening medication, his company could ensure that the service provider brings the remedy to the employee on site within a few hours. The question of where the employee currently resides, is part of the crisis management of companies. The basis of such tracking systems are the travel and booking data of the respective posted employees. For example, the so-called PNR data (Passenger Name Record) are imported into the tracking software via interfaces from the various booking systems during flight booking. If there is a crisis situation (for example, terrorist attacks, political unrest or natural disasters), the service provider checks within a few minutes, where the employee is at the appropriate moment and can evacuate him.
However, it is questionable to what extent this is compatible with the new data protection rules, because ultimately it is easy to create a comprehensive personality profile on the basis of this data, which the employee does not want it to fall into the wrong hands.