Assume an information security incident manager arrives at an airport carrying a corporate laptop with confidential information on an encrypted partition. This information is classified as confidential by the employer, and disclosure of the information is a violation of contractual agreements between employer and employee.
At the border check, officials ask the employee to provide his password, so they can check the content of the laptop. Should the incident manager comply, and provide credentials, which would mean disclosure of confidential corporate information ? Or should he ask the customs officials to contact his employer in order to obtain permission to disclose the information stored on the laptop ?
Share us your thoughts.