9/11/2011

By Bill Brindle, CIO, Hogg Robinson Group

I was as shocked as everyone else by the News of the Worldscandal over the summer. However, as a chief information officer, one thing which did not surprise me at all was the ease with which private investigators hacked their victims’ mobile phones.

The mobile world is not yet a secure one, and that is a concern not only for CIOs but for travel managers as well. It explains exactly why a lot of companies have been reluctant to let employees start using their mobiles for travel or indeed any other corporate functions.

That in turn creates a headache for both travel managers and CIOs because mobiles and social media have become the way many people — especially younger members of the workforce — organise their lives. The influx of personal devices into the work environment also adds its own challenge as they are used for company business. It’s even getting to the stage where companies risk becoming unattractive employers if they do not operate in a more open world. So on the one hand there is no holding back the wave, but on the other hand we can’t let employees use mobile and social content without any corporate controls either.

Fortunately, solutions are slowly emerging to the mobile device and iPhones security problem. For example, there are now ways to work around employees who use Apple iPads for both private and business purposes. We can ring-fence the corporate functions on the employee’s devices so that we can immobilise them if the device is stolen.

However, technology isn’t going to provide all the answers. Travellers will need to learn some rules too. One is that certain websites or applications may be strictly off-limits for certain corporations. An obvious example is the social media location websites where users let other people know where they are. Examples include Facebook Places or Foursquare. Similarly, social media where users reveal their travel itineraries can also be dangerous from a security point of view. Most corporations simply don’t want the outside world to see where their people are travelling, for sound reasons ranging from industrial espionage to fear of kidnap.

Then there is the risk already discussed of hacking. Mobile apps which connect travellers to their Outlook calendar and contacts functions can be a particular danger here. Finally, there is the reputational risk: if travellers use a review-type website or Twitter to moan about a hotel they stayed in on business, they are effectively representing their company when making those remarks — and their observations could potentially be read by millions. Just look at the problems football clubs have with their players speaking out of turn on Twitter.

But since simply taking a “thou shalt not ...” approach is only going to alienate employees, both travel managers and CIOs like me have to find more constructive ways to rise to the mobile challenge. The solution is one of the oldest in the book: if you can’t beat ’em, join ‘em. In the case of hotel review sites, it makes good sense to launch your own one on your corporate intranet. It will be much more relevant and compelling for your travellers than, say, TripAdvisor, where many of the reviews are written by leisure travellers. The latest version of our booking tool, HRG Online, allows travel managers to set up exactly such a facility for their travellers.

It also makes good sense to satisfy travellers’ appetite for mobile by permitting, or even encouraging, those apps which enhance their travel experience and do no harm to the travel programme. One example is the excellent BA mobile app, where passengers can download their boarding passes and view all future flight bookings. Travellers are also starting to apply pressure to make bookings via mobile. Once again, we are helping our clients to respond. From September, they can make hotel reservations through the mobile version of our HRG i-Suite portal.

Booking air tickets has not yet really happened on mobile. It will come, but the problem is that a smartphone screen is on the small side for transactions of this kind. It is one reason why I believe tablets will become the dominant mobile device for corporate purposes. They can be fired up very easily, are less breakable than phones and, as discussed, the corporate functions on them can be disabled if necessary.

There is a lot for all of us to think about when it comes to mobile, therefore, but I am sure corporations will soon start to view the new technology as an opportunity rather than a threat. For now, I suggest these tips on how to manage mobile if you haven’t yet made a start:

- Research which devices your employees carry and which apps and mobile websites they use for travel purposes. Review constantly because the pace of change is enormous.

- Check how well each app and mobile website you identify in your research meets corporate policy on security. Liaise with your security department.

- Rewrite internal policies to specify which apps travellers can and cannot use (e.g. don’t use locator services like Facebook Places when on business).

- Be pragmatic: create options to satisfy employees’ mobile demands, e.g. offer a hotel review tool internally.

- Make sure any mobile tools you offer travellers are integrated with everything else in your travel programme — for example that any changes travellers make via mobile to their itineraries show up in their centrally held passenger name record. HRG’s mobile booking facility works off the same traveller profile as we hold on our agency desktop. Many mobile services are not integrated in that way, which means details like frequent-flyer and passport numbers may not be aligned.

Join us on