India, with a population of a billion people and counting, is the second largest online market in the world with 500 million active internet users
By Andy Watson
As Newton put it many years ago, ‘every action has an equal and opposite reaction’. As digital opportunity rises and companies rush to implement digital transformation, the opposite reaction to this is the rise of data breaches and thefts. It’s especially true when it comes to the travel industry as there have been a few data breach incidents in the recent past. Some international hotel chains and aviation brands faced data breaches in the form of personal details of their guests and customers being compromised.
This does not mean that the travel industry is not trying to minimise threats and work towards better security and safeguards against such thefts. Many companies are actively trying to help corporate travellers protect valuable business data. But travel has always been a complicated endeavour and business travel specifically involves high-risk data with different entities located around the world. Business travel is increasingly driven by data-powered consumer technologies that can cause privacy problems if they are not handled carefully. With the European Union’s General Data Protection Regulation now in force, it’s imperative for companies to treat GDPR compliance as an opportunity rather than a risk.
How to minimise data risks with business travel
- Integrated travel expense and management – Using an integrated data management tools/platform that provide end to end solution in a seamless and simplified manner – from booking business travel, completing an expense claim is a good way to protect data. Such a platform will utilize stringent measures to maintain data integrity by capturing itinerary and e-receipts directly from suppliers, updating corporate credit card transactions and managing cash advances
- Ensuring compliance – Companies also need to either implement or revamp their company’s travel policies as soon as possible. This will ensure that the employees duly follow the rules and will help them make the right travel decisions
- Educating employees to take steps to maintain privacy and security – Enterprise need to ensure that their employees take personal steps to safeguard themselves – e.g. using a privacy filter on laptops/tablets; PIN/password usage/lock alarms/ or using a juice-jack protector to protect against data skimmers etc. when not using the device. This will help in maintaining company wise theft and ensure personal compliance as well
- Using new technologies to fight data breaches – For instance, blockchain presents numerous opportunities to improve travel and expense management. Beginning with identity verification, eliminating awkward exchanges with passport control to loyalty and bonus programmes, the world’s most secure ledger can help in tightening information security in T&E. Similarly, automation via AI/ML can also prove beneficial.
India, with a population of a billion people and counting, is the second largest online market in the world with 500 million active internet users. Internet perpetration has grown exponentially here due to the growth of start-ups, e-commerce companies and advanced technology offerings across industries. One of the reasons for industry bodies such as NASSCOM and Data Security Council of India (DSCI), and corporate organisations to have encouraged the need for a strong data protection law in the country. Last year, the Srikrishna Committee submitted its recommendations on data privacy management and drafted legislation on data protection. Technology companies and start-ups are now pushing for this law so that customers can be safeguarded from breaches and thefts.
The new requirements basis GDPR and India’s legislative framework can be significant for travel management companies who keep large amounts of traveller data in the form of personal traveller details and preferences and share the same with third party service providers. Travel management companies are inherent ‘data control points’ and directly responsible for compliance with GDPR and other data privacy laws. In the near future, the data privacy protection embodied in these laws will become the new normal across the world.
With the pace of digital transformation rapidly increasing in India, the country will be able to create $1 trillion of economic value from the digital economy in 2025 with half of the opportunity originating in new digital ecosystems, as per a recent study by the Ministry of Electronics and Information Technology and McKinsey & Co. This holds true for the travel industry also and makes it even more important for companies to make sure data thefts are minimized and compliance is ensured for a better, secure and profitable future.
The author of this article is the Senior Vice President & General Manager, Asia Pacific Japan and Greater China, at SAP Concur