A standard procedure in somewhat-security-concerned firms is that when you travel, you go and get a freshly installed travel laptop (a loaner) from IT dept, use it on the trip, and after the trip, you return it to the department that wipes out everything on the disk and re-images it.
This wouldn't protect against things like firmware-based malware, attacks that major three-letter spy agencies could deploy when they focus on a target, but because there is no absolute security and measures need to be balanced to the threat scenario, this is a model that works pretty well.
>A colleague of mine purchases fresh laptops for when he goes overseas and then never uses them again. He doesn't even work in an industry where commercial secrets are common. I'd hope that anywhere that features security implications or commercial secrets would also act at this level.
IMO that's an overkill. Why not just use ICloak [1] or Tails [2]? They are both Linux distributions which boot from USB stick without touching hard drive, randomize MAC address and give you access to Tor and other goodies.
I think the bigger concern (which has been backed up by recent research) is that there are vulnerabilities in the hardware that might be exploited to install malicious software. If that software lives in a BIOS or a hard disk firmware wiping your hard disk will not protect you.
That model may not always work well. At least one country I know of interviews you at your point of departure as to whether your IT department has recently had your laptop in their possession.
Sure they may interview, but how does that make the model not work? The answer is going to be the same every time: of course my laptop is regularly in the possession of the IT support organisation.
This wouldn't protect against things like firmware-based malware, attacks that major three-letter spy agencies could deploy when they focus on a target, but because there is no absolute security and measures need to be balanced to the threat scenario, this is a model that works pretty well.