Australian airport security – does it break your IT department’s policy?

Image (1) canberra-airport.jpg for post 1564

Australian airport security generally requires that you take your laptop out of your bag and submit it separately for scanning. But anyone passing through the checkpoint can pick up another person’s belongings, whether by accident or design. And non-travellers can then leave the secure area immediately, returning to the public part of the airport. (Policing who collects what at Australian airports is left, as the textbooks say, “as an exercise to the reader”.)

Since many laptops look alike, I therefore try to arrange the sequence in which I submit my possessions so that I and my laptop pass through the checkpoint at the same time. This means I don’t have to leave my laptop flapping around unattended on the other side of the X-ray machine whilst I await my turn at the metal detector.

Yesterday, however, entering Canberra airport, the metal detector was set to “detect a paperclip” sensitivity, and my usually-unremarkable shoes triggered an alarm. Returning to the X-ray input chute and taking my shoes off meant that my laptop passed quickly and completely out of my sight and control, in a place thronged with people.

Realising, at least in theory, that I had just gone outside Sophos’s IT security guidelines, I spoke to the duty manager at the security checkpoint. “Do you take any sort of responsibility at all for my belongings when you separate me from them during screening?”

He smiled very pleasantly and announced, in the proudly polite but certain tones of one sharing an unassailable religious doctrine (which, I suppose, is exactly what he was doing), “No responsibility whatsoever, Sir!”

I was surprised to hear this. Given the worldwide concerns about airport security, I’d have thought that the Federal government would require the private companies which operate the checkpoints to provide some sort of assurance about, and to take at least some sort of responsibility for, the security of the objects they are required to screen.

In Singapore airport, for example, a simple numbering system matches the tray in which you place your laptop with a plastic ticket you are given. The security officer checks your ticket against your laptop on the other side of the checkpoint to make sure you are picking up the right one.

In Australia, reclaiming laptops is pretty much a free-for-all. So with claims that 12,000 laptops are lost each week at American airports, and with me working for a company which sells security and control software, I’ll make a recommendation.

Don’t leave home without full disk encryption!