
You should never cross any border, US or otherwise, with a mobile phone, laptop, or any sensitive documents. Neither should your employees, if their devices are used for work.

This is not a new revelation. Industrial espionage by spy services has been ongoing for a very long time.



How would you put this into action if you're a typical business traveler? It doesn't seem very practical.


The organization should have a number of laptops designated solely for international use. They should be restored to the org's "gold image" and kept "in stock" and available.

Prior to leaving on an international trip, the traveler "checks out" a laptop from I.T. for the duration of his trip. No personal or business data should exist on the laptop at this point. Once destinated, the needed business data can be downloaded to the laptop over a secure VPN back to company HQ.

Prior to returning, the traveler will run a "clean up" script that I.T. has developed. This script will upload any business documents that have been created or obtained while outside of the U.S. back to company servers (over that VPN) and then wipe the data from the laptop. Alternately, the laptop could have a partition set up that, when booted to, starts the reimaging process (sorta like how consumer PCs have a "restore partition"). This would be done, obviously, before returning to the U.S.

When the traveler has arrived back in the U.S., s/he returns the laptop to I.T., who again images it with their gold image and stores it for the next user who needs it.

It wouldn't be that difficult or that much of a PITA, IMO -- it all depends on how important the data is to the company. It would likely require a change in policy and some users would almost certainly complain about it. Oh well.
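The pre-return "clean up" step in the flow above, written out as an added illustration (this is not the commenter's or any company's script). The names DOC_DIR and HQ_DEST are hypothetical; HQ_DEST stands for a directory the VPN makes reachable, such as a mounted share, and the copy is a plain tar pipe so the script also runs against a local directory.

```sh
#!/bin/sh
# Pre-return "clean up" script for the checked-out travel laptop: copy the trip's
# business documents back to HQ, verify the copy, and only then wipe them locally.
# Hypothetical names: DOC_DIR (trip documents) and HQ_DEST (a directory the VPN makes
# reachable, e.g. a mounted share). The copy is a tar pipe so it also runs locally.
set -eu

# Checksum every regular file under $1 (sorted relative paths) so two trees compare.
tree_sums() {
    (cd "$1" && find . -type f | LC_ALL=C sort | while IFS= read -r f; do
        printf '%s %s\n' "$(cksum < "$f" | cut -d' ' -f1,2)" "$f"
    done)
}

# Copy the tree in $1 into $2 (created if missing); swap for rsync -a over ssh when remote.
copy_tree() {
    mkdir -p "$2"
    (cd "$1" && tar -cf - .) | (cd "$2" && tar -xf -)
}

# Succeeds only if the HQ copy matches the local tree file for file.
verify_copy() {
    [ "$(tree_sums "$1")" = "$(tree_sums "$2")" ]
}

# Overwrite then unlink. Overwriting is best-effort on flash storage; the real
# guarantee is full-disk encryption plus the reimage I.T. performs on return.
wipe_tree() {
    find "$1" -type f | while IFS= read -r f; do
        blocks=$(( ($(wc -c < "$f") + 4095) / 4096 ))
        dd if=/dev/urandom of="$f" bs=4096 count="$blocks" 2>/dev/null
        rm -f "$f"
    done
    rm -rf "$1"
}

# Copy, verify, wipe. Any failure leaves the local data untouched and returns non-zero.
cleanup_for_return() {
    copy_tree "$1" "$2"
    verify_copy "$1" "$2" || { echo "verification failed; nothing wiped" >&2; return 1; }
    wipe_tree "$1"
    echo "uploaded to $2 and wiped $1"
}

if [ "${1:-}" = "run" ]; then
    cleanup_for_return "${DOC_DIR:-$HOME/trip-docs}" "${HQ_DEST:-/mnt/hq-returns}"
fi
```

The wipe is deliberately ordered after a checksum comparison so a dropped VPN or a half-written share never costs the traveler their documents.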


Seems like a good plan, but if the laptop leaves your sight you don't know how the hardware has been tampered with.


I've heard of companies that consider any electronics that's ever been taken to China to be no longer usable on the company network. Their approach is to consider those devices "disposable". If you take a laptop to China, buy a replacement when you get home and give the old one away - it's never to be connected to the internal network again.


> If you take a laptop to China, ...

Exactly.

At a previous job (.edu), we discovered a compromised host and shortly thereafter found that it was the laptop of a professor who had just returned from China.


Yup. This is more or less exactly how the company I work for does it.


More like all users would complain. Don't get me wrong, it sounds like a good solution, but you would be amazed at the recalcitrance of users asked to do something new or different. Plus, your infrastructure and user workflows have to be able to support such a setup. If a user who travels a lot is utterly dead in the water without his dozen 10GB email archive files, and the VPN is a tiny 1mb/s pipe for the whole globe, the above isn't a particularly viable idea.


Most email clients let you store your archive online. Exchange certainly does - I can search from my phone, which only stores the last week's work email locally.


I think that's pretty rare, even among big co's that do a lot of government work.


The typical business traveler doesn't need gigabytes and gigabytes of documents. If you are traveling and need sensitive documents, buy a new laptop at your destination and load the data you need on it. When leaving, wipe it and leave it in a place where you or another employee can pick it up next time they are in that country.

It's unfortunate that business people (as opposed to programmers) typically don't have something as compact and transferable as dotfiles for getting up and running on a brand new machine.

The question is how to travel with a new set of private keys securely so you don't give them up on exit. Coming back isn't a problem because you can just revoke access for that temporary public-private key pair before you log off during your last ssh session before returning to the country.

I don't think this is practical now. But it is a known problem and solutions for quickly getting a machine up and running are getting better and better. I imagine that a chef or puppet script could be used on the new machine to get everything up and running. You just need to ssh in once to fetch the script that would set up the machine at your destination.


Encrypt your stuff, and put it online.



