You are most vulnerable to cyber attacks when you are traveling. According to a recent research report conducted on behalf of IBM Security, those who are traveling do not take all of the necessary precautions, connecting to unsecured public Wi-Fi, charging their devices at public USB stations, and using their private information on publicly accessible computers.
What should be especially worrying to companies is that people are more likely to engage in these risky behaviors when traveling for business rather than for pleasure, with only 13% saying that they have never connected to public wifi. Because employees often work while traveling, many business travelers connect to public hotspots and surf the web.
More than 1 in 7 travelers surveyed admitted to having their information stolen while traveling. In 2017, the travel and transportation industry was the tenth most targeted industry for cyber attacks, but the rankings have shifted dramatically. Recent data shows that attempted attacks on IBM customers revealed that in 2018, it was the second-most targeted industry.
Here are 15 tips to help you avoid putting your personal and business data at risk while traveling:
- Know your rights and the local laws before you go to a foreign country. Your local privacy rights, not to mention your federally protected rights as a citizen of your country, disappear at the border. If border guards request access to the digital contents of your laptop, you may have no choice but to provide it. Plan ahead and know your legal rights in that country and the rights the country may have to your data.
- Before leaving, reset all of your frequently used passwords. This includes PINs for a safe or security box in your hotel room. Take the effort to make sure your personal information is safe. Avoid using easy phrases or numerical sequences, including the all-too common “123456”. In the National Cyber Security Centre’s worldwide analysis of passwords belonging to breached accounts, 23.2 million accounts used this code. And if you’re a big music-lover or superhero fan, try to stay away from “blink182” and “superman”, the most common musical artist and fictional character used in passwords.
- Set up temporary email and cloud storage accounts. When it’s necessary to use a computer that doesn’t belong to you, work from these throwaway accounts. This is especially important if you plan to use hotel business center computers, which are clear targets for malware, keystroke recording equipment, and other cyber attacks while traveling.
- Leave personal data at home. Chances are, all your data is stored in the cloud. Before traveling, delete the local copy after disabling the sync feature on your laptop, so that there’s no important data left on your laptop. Make all your updates and edits on cloud-based copies while you’re away and re-enable the local cache when you return home.
- Protect copied data. Encrypt your information using products like Microsoft’s Active Directory Rights Management Service to make sure others cannot access it. Even if border guards or thieves gain access, it’s unlikely they’ll be able to view it later.
- Disable auto-connect on your phone. Although it’s a handy feature when used at home, it’s risky to use auto-connect while abroad. Before traveling, change this setting on your device so that you must manually connect each time you connect to the internet.
- Install anti-virus protection, host-based firewall, and host intrusion prevention software. This is one of the most effective ways to keep your personal data secure while aboard. Use a trusted brand of security software and update it regularly as new versions become available to make sure all security patches are applied. Also, turn off any file or network sharing features.
- Only work on secure network options. No matter where you go, steer clear of free Wi-Fi connections. Free internet access is appealing, but it’s also particularly vulnerable to security issues. If you must use internet cafes and free Wi-Fi hotspots, make sure it is not a fake Hotspot set up by hackers and do not log into personal accounts or use sensitive data.
- Disable Bluetooth connectivity. If Bluetooth is left on, nearby assailants can connect to your phone and potentially hack into your device.
- Make sure all your web surfing is protected by TLS-enabled HTTPS. Try to connect to secure websites only and avoid those trying to put fake digital certificates on your computer, which is a common practice among hackers. Remember that your two-factor authentication (2FA) methods may not work while you are out of the country due to the changes in your service plan.
- For business, Use your corporate VPN. If your company’s VPN connection uses split-tunneling, ask a member of the IT team to explain which traffic is secure and which is not secure. You can even use your own personal VPN router when traveling to make sure all connections are secure.
- Use a good privacy screen over your laptop display. This will keep wandering eyes off of your screen.
- Lock your computing devices anytime you’re not using them. This applies even in your hotel room when showering. Change the PIN numbers you regularly use on your phone, computer, and any other device you plan on accessing. This will help prevent a security breach should you misplace any of your devices.
- Be wary of accepting that free flash drive. Although malicious thumb drive attacks are generally uncommon, you may want to think twice about plugging in a USB drive that someone hands to you at a conference. All untrusted media should be approached with caution.
- Don’t share your current location with the world. Excessive sharing can create security threats in both your hotel room and at home. Think twice before using social media to advertise that your hotel room is empty while you’re out eating dinner or that your spouse and kids will be home alone for the next week. Wait until you return home to post about your travels so you can protect your assets and your loved ones.
Improve Your Security Techniques
Keep your staff members from making careless and costly mistakes that could put your organization’s information at risk while traveling. Cyber Security Tools for Today’s Environment, an 11-course program, is designed to help businesses improve their security techniques. It’s ideal for professionals in IT, computer science, and related fields who need to stay up-to-date on how to protect enterprise networks from potential threats. Connect with an IEEE Content Specialist today about training your organization on how to stay secure.
Barlow, Caleb. (21 May 2019). How Cyber-Secure Are Business Travelers? New Report Says Not Very. Security Intelligence.
Grimes, Roger A. (1 Jul 2016). 11 essential data security tips for travelers. CSO.
Picheta, Rob. (23 August 2019). How hackable is your password? CNN Business.
Grauer, Yael. (30 October 2015). Should You Plug That USB Drive Into Your Computer? (Beware Of Malware). Forbes.