Your data and security are most at risk when you travel. According to a recent research report conducted on behalf of IBM Security, many travelers give little consideration to risky activities such as connecting to public Wi-Fi, charging devices at public USB stations, and logging into publicly accessible computers.
What should be especially worrying to companies is that people are more likely to engage in these risky behaviors when traveling for business rather than for pleasure. Because employees often work while traveling, many business travelers connect to public hotspots and surf the web. Only 13% of business travelers said they never connect to public Wi-Fi.
Over 1 in 7 travelers who participated in the survey said they had their personal information stolen at least once while traveling. The travel and transportation industry was only the tenth most targeted industry for cyber attacks in 2017, but the rankings have shifted dramatically. An analysis of attacks attempted against IBM customers found that the travel and transportation industry became the second most targeted in 2018, surpassed only by the financial services industry.
Here are 15 tips to help you avoid putting your personal and business data at risk while traveling:
- Know your rights and the local laws before you go to a foreign country. Your normal privacy rights, not to mention your federally protected rights as a citizen of your country, disappear at the border. If border guards request access to the digital contents of your laptop, you may have no choice but to provide it. Check ahead of time to understand the legal rights that the country may have to your data.
- Before traveling, change all the passwords you regularly use. Similarly, if you must create a PIN for a safe or security box in a hotel room, make sure it’s unique. Take the time to create something that will keep criminals out of your personal property. Avoid using easy phrases or numerical sequences, including the all-too common “123456”. In the National Cyber Security Centre’s worldwide analysis of passwords belonging to breached accounts, 23.2 million accounts used this code. And if you’re a big music-lover or superhero fan, try to stay away from “blink182” and “superman”, the most common musical artist and fictional character used in passwords.
- Set up temporary email and cloud storage accounts. When it’s necessary to use a computer that doesn’t belong to you, work from these throwaway accounts. This is especially important if you plan to use hotel business center computers, which are obvious targets for malware, keystroke recording equipment, and other cyber attacks while traveling.
- Leave the data home. Chances are, all your data is stored in the cloud. Before traveling, delete the local copy after disabling the sync feature on your laptop, so that there’s no important data left on your laptop. Make all your updates and edits on cloud-based copies while you’re away and re-enable the local cache when you return home.
- Protect copied data. Data encryption schemes, like Microsoft’s Active Directory Rights Management Service, encrypt data from unauthorized eyes no matter where they copy it. Even if border guards or thieves get to your data, it’s unlikely they’ll be able to view it later.
- Disable auto-connect on your phone. Although it’s a handy feature when used at home, it’s risky to use auto-connect while abroad. Before traveling, change this setting on your device so that you must manually connect each time you wish to access the web.
- Install anti-virus protection, host-based firewall, and host intrusion prevention software. This is one of the most effective ways to keep your personal data and company information secure while traveling. Use a trusted brand of security software and update it regularly as new versions become available to make sure all security patches are applied. Also, turn off any file or network sharing features.
- Always choose the most secure network option available. It doesn’t matter whether you’re traveling domestically or abroad, be wary of all free Wi-Fi connections. Free internet access is appealing, but it’s also particularly vulnerable to security issues. If you must use internet cafes and free Wi-Fi hotspots, avoid accessing personal accounts or sensitive data while connected. Make sure you’re connecting to official hotspots and not fake Wi-Fi access points set up by hackers.
- Disable Bluetooth connectivity. If Bluetooth is left on, nearby assailants can connect to your phone and potentially hack into your device.
- Make sure all your web surfing is protected by TLS-enabled HTTPS. Be sure that any wireless connections you use aren’t trying to place fake digital certificates on your computer, which is a common practice among hackers. It’s also important to remember that your two-factor authentication (2FA) methods may not work— especially if your cell phone’s voice or data service doesn’t work abroad.
- Use your corporate VPN whenever possible. If your VPN connection uses split-tunneling, understand which traffic is secure and which is not secure. You can even use your own personal VPN router when traveling to be sure all connections are protected.
- Use a good privacy screen over your laptop display. This will keep prying eyes off what you’re reading or typing.
- Lock your computing devices anytime you’re not using them, even in your hotel room when showering. While traveling, change the PIN numbers you regularly use. This will be your first line of defense against a security breach should you misplace any of your devices.
- Be wary of accepting that free flash drive. Although malicious thumb drive attacks are generally uncommon, you may want to think twice about plugging in a USB drive that someone hands to you at a conference. All untrusted media should be approached with caution.
- Don’t share your current location with the world. Excessive sharing can create security threats in both your hotel room and at home. Think twice before using social media to advertise that your hotel room is empty while you’re out eating dinner or that your spouse and kids will be home alone for the next week. Wait until you return home to post about your travels so you can protect your assets and your loved ones.
Improve Your Security Techniques
Keep your staff members from making careless and costly mistakes that could put your organization’s information at risk while traveling. Cyber Security Tools for Today’s Environment, an 11-course program, is designed to help businesses improve their security techniques. It’s ideal for professionals in IT, computer science, and related fields who need to stay up-to-date on how to protect enterprise networks from potential threats. Connect with an IEEE Content Specialist today about training your organization on how to stay secure.
Barlow, Caleb. (21 May 2019). How Cyber-Secure Are Business Travelers? New Report Says Not Very. Security Intelligence.
Grimes, Roger A. (1 Jul 2016). 11 essential data security tips for travelers. CSO.
Picheta, Rob. (23 August 2019). How hackable is your password? CNN Business.
Grauer, Yael. (30 October 2015). Should You Plug That USB Drive Into Your Computer? (Beware Of Malware). Forbes.