That won't fly: How new airplane rules could affect you

The long view of security strategies for your network.

As readers will no doubt be aware, on Aug. 10, British police arrested 21 people suspected of plotting to blow up planes flying from the U.K. to the U.S. In the wake of these police actions, the U.K. Department of Transport issued new, stricter regulations limiting what passengers can take into aircraft cabins.

The press release of Aug. 10 specifically allows only the following - and everything must be placed in a transparent plastic bag, not in pockets (quoting exactly):

* Pocket-size wallets and pocket-size purses plus contents (for example money, credit cards, identity cards etc (not handbags)

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

As readers will no doubt be aware, on Aug. 10, British police arrested 21 people suspected of plotting to blow up planes flying from the U.K. to the U.S. In the wake of these police actions, the U.K. Department of Transport issued new, stricter regulations limiting what passengers can take into aircraft cabins.

The press release of Aug. 10 specifically allows only the following - and everything must be placed in a transparent plastic bag, not in pockets (quoting exactly):

* Pocket-size wallets and pocket-size purses plus contents (for example money, credit cards, identity cards etc (not handbags)

* Travel documents essential for the journey (for example passports and travel tickets)

* Prescription medicines and medical items sufficient and essential for the flight (e.g., diabetic kit), except in liquid form unless verified as authentic

* Spectacles and sunglasses, without cases

* Contact lens holders, without bottles of solution

* For those traveling with an infant: baby food, milk (the contents of each bottle must be tasted by the accompanying passenger) and sanitary items sufficient and essential for the flight (nappies, wipes, creams and nappy disposal bags)

* Female sanitary items sufficient and essential for the flight, if unboxed (e.g. tampons, pads, towels and wipes)

* Tissues (unboxed) and/or handkerchiefs

* Keys (but no electrical key fobs).

All other belongings must be stowed in checked luggage.

As I read these rules, business travelers, such as the readers of this column, who may need to fly to the U.K. and back from the U.S. will have to consider some information security issues.

First of all, nobody is going to be bringing laptop computers, cell phones, PDAs or even watches onto the aircraft. That restriction means that confidential information stored on such devices (yes, my DataLink watch has confidential information on it) may now be exposed to greater threat than if the devices were kept with the passenger. Anyone planning to allow baggage handlers to have access to laptop computers and such would do well to act on security experts’ repeated pleas to use disk encryption.

On a personal note, my PDA uses strong encryption for confidential data, and my watch has a password on the “Note” section where I store such things as bank account numbers.

Not having your computer with you on a transatlantic flight may change your perspective on the productivity costs of international travel. I recommend you bring a good book, because you sure aren't going to be answering e-mail, writing that management report you intended to finish, or even watching DVDs or listening to CDs or your iPod. And forget the sound-suppressing earphones: I don't see those on the approved list, either.

It is possible that we will see an increase in the relative value of electronic conferencing, perhaps including Web-camera feeds for videoconferencing in lieu of physical transatlantic meetings. If similar restrictions come to be applied in the U.S., the same cost/benefit calculations may reduce business air travel and increase virtual meetings. We will have to pay better attention to the security of such communications; VPNs will become standard operating procedures for any kind of confidential information interchange at such meetings.

M. E. Kabay, PhD, CISSP-ISSMP, specializes in security and operations management consulting services and teaching. He is Chief Technical Officer of Adaptive Cyber Security Instruments, Inc. and Associate Professor of Information Assurance in the School of Business and Management at Norwich University. Visit his Web site for white papers and course materials.