20 Cybersecurity Tips for Summer Travel
When Covid-19 entered our lives in 2020, travel exited. Conferences, events, and meetings abroad were traded in for virtual spaces. As we’re finally transitioning back to in-person activities, we're traveling again too. And whether employees are traveling for business or pleasure, companies need to consider the cybersecurity implications of that travel. It’s easy to understand how physical safety is put at risk when you travel: you’re exposed to new modes of transportation, environmental factors, and tourists are often given extra attention from pickpockets and scammers. But did you know your data is also at a greater risk when you travel?
Here's What Your Business Needs to Know About Data Security While Traveling:
Why Traveling Poses a Risk to Your Business
It’s not only personal data that’s at risk—every time an employee travels with devices containing company data (this can be something as simple as the email app on their phone), they put their employer’s data at risk too. Cybercriminals are always on the lookout for opportunities, and the surge in summer travel presents an excellent opportunity for cybercrime. Today’s criminals can steal information rather stealthily using a host of constantly evolving technologies. Here are just a few common threats that travelers may come across:
- Business Email Compromise—texts, emails, and other phishing activities that disguise themselves as routine communications. This content will often be from what seems like a trustworthy source but are actually bad actors trying to uncover confidential data (often passwords to high value accounts).
- Installation of malware via public networks—these attacks are often hard to detect, as cybercriminals have become good at concealing their actions from the untrained eye.
Our Top 20 Tips for Secure Travel
Before you embark on a trip:
- Back up the data on your devices using cloud storage or an alternative device in case of damage or loss.
- Update all software and applications on your devices.
- Remove any sensitive data that you won’t need during your travels.
- Change passwords and PIN numbers across applications and devices.
- Invest in an RFID wallet or cardholder to protect data from skimmers.
- Invest in a privacy screen for your mobile devices.
- Research cybersecurity laws, compliance requirements, and best practices in the country you’re visiting. Some countries have weaker protections than others regarding data.
Avoid these common mistakes:
- Using public Wi-Fi and shared devices. While these offerings can be convenient, attackers can use these connections to steal important data like contact information and passwords. Unless you can confirm the security of a network, your personal mobile connection will be more secure than a public network. If you do need to use public wi-fi, ensure your devices have VPNs (virtual private networks) for additional security.
- Leaving devices unlocked or unattended for any amount of time in a public place.
- Bringing devices you won’t need on your trip.
- Plugging in devices to shared charging stations. If you are going to plug your devices into a shared charging station, make sure you're using a charge-only cable that doesn't transmit data.
- Downloading software from any unverified source.
If you need to use public Wi-Fi or computers:
- Turn off automatic connectivity. You should stay connected to public networks for as little time as possible.
- Try logging in with an incorrect password. If the wrong password works, the network is likely unsafe.
- Avoid tasks, including online shopping and banking, which would require privileged information to be shared on the network.
- Only visit sites beginning with https:// to make sure they are using encryption.
- Occasionally disconnect from and reconnect to the network while you’re using it.
- Consider using a VPN.
After your trip:
- Change all passwords and PIN numbers.
- Have your IT department inspect devices for issues.
Making Security a Top-Down Initiative
You’ll need to make sure you have a cybersecurity policy in place for your organization. Consider compliance requirements for your business, as well as cybersecurity expectations and training for employees. Employees are a huge risk for organizations when they travel, as they often have access to private company data and may not have an effective personal cybersecurity framework in place. At the organizational level, cybersecurity can be improved by:
- Providing employees with cybersecurity training.
- Investing in a corporate VPN (Virtual private network) to encrypt data on public and private networks.
- Keeping all software and applications up to date. Updated security patches are important whether employees are working on the road or in the office.
- Ensuring all 3rd parties (partners, contractors, etc.) are aware of and fulfilling your cybersecurity policy. This is especially important when coordinating events.
Even if your employees don’t travel for business, they are likely to travel with your business’s data. If you don’t have updated cybersecurity policies in place, your risk of a data breach or attack will be much higher when your employees travel this summer. That’s why iCorps offers outsourced solutions to keep your business safe online. Reach out today for a free consultation today!