With Memorial Day as the unofficial start to summer, we’d like to remind you that hackers and scammers don’t take vacation. Whether you’re vacationing or taking a business trip, traveling by car or by plane, make sure cyber security is on your checklist.
Wombat Security Technologies, based in Pittsburgh, offers up four critical tips from its security awareness and training materials that leisure and business travelers can implement to stay safe during trips of all kinds.
Stick to the Travel Basics
Many travelers think about packing light when it comes to clothes and toiletries. Well, this advice applies to mobile devices and personal data as well. Here’s how to streamline:
Leave data-packed business devices and materials behind whenever possible. If you don’t think you’ll use it, don’t take it. Ask yourself, “Is this business critical?” If the answer is no, it shouldn’t make the trip.
Also, explore the possibility of using a disposable phone and laptop when traveling, particularly if you are an executive, manager, or business insider who deals with highly confidential data. This approach allows you to maintain connectivity without exposing the contact lists, files and sensitive information that are stored on daily-use devices. If your organization doesn’t support this type of service, make the case for building a small repository of devices that can be issued prior to travel and then be wiped clean afterward.
Relatively simple physical security measures can be the difference between keeping data safe and suffering a breach. Remember these basic tips to help keep devices (and the data they contain) secure while you’re on the go.
Don’t leave devices unattended in public, not even for a few moments. It can be tempting to put you smartphone off to the side while you check your bags at the airport or to leave your laptop sitting on the table while you got to the cafe counter to get a refill. Thieves are opportunistic; they can snatch up your device in a second while you’re not looking.
Keep devices concealed as often as possible, particularly when in a crowded place. Many smartphones, particularly iPhones and newly released devices, are coveted by criminals, and there have been known instances of particularly brazen thieves swiping phones right out of unsuspecting users’ hands and disappearing into crowds. Keep your smartphone tucked safely in an interior pocket of your jacket or bag when not in use, and consider using a wireless headset when “walking and talking.”
Securely store your devices if you leave them behind. Naturally, your safest bet is to keep items with you, but sometimes that’s not practical while traveling. Remember that a hotel room is not secure; many people have access, and staff members often enter your room while you’re not there. A hotel safe is a better choice than leaving items out in the open or barely concealed in a suitcase (though even these safes shouldn’t be trusted to adequately secure devices that hold highly confidential data).
Turn off automatic check-ins and location tracking. In this age of social sharing, people often think nothing of revealing their favorite haunts and places to visit. The problem with automatic posts is the lack of control. Before long, routines and habits are spelled out for the world to see. These activities can reveal where you are (a confidential business trip or meeting, perhaps), but they also reveal where you aren’t. Scammers and criminals like to tap into schedules because it gives them more information about who you are and what you do.
Save the vacation posts until you return home. As with check-ins, the social updates you post while out of town make it clear that you’re not at home and you’re not at your office. Many people have hundreds of social connections and followers, and a vast number of those online relationships are superficial. If you’re 1,000 miles away and you’ve let everyone know that you’ll be off the clock for a week, this creates a window of opportunity for a criminal to climb through. Though it’s tempting to detail your travels in real time, it’s important to consider the potentially negative ramifications of sharing this information.
Be careful about Bluetooth connections. You may think nothing of pairing your smartphone to rental cars and other convenience devices. But did you know that information is sometimes stored after you terminate the connection? That means that your contact lists and other data could be left behind on, for example, a car that doesn’t belong to you. Before you turn in your keys, make sure your data has been deleted.
Be Cautious of Open Wi-Fi
Many people set their phones to find and connect to accessible Wi-Fi networks. While this approach can help reduce your mobile data consumption, it can also expose you to significant risks. Open Wi-Fi, regardless if it’s paid or free, must be approached with caution. Why? Because any Wi-Fi network not protected by a password is vulnerable to attack.
Check before you connect. Did you know that names of Wi-Fi networks are manually created? This means that anyone can name a network anything they want. Scammers often set up rogue networks with names that sound trustworthy, such as Airport Wi-Fi, to seem legitimate or confusingly similar to nearby wireless connections. Once connected to a scammer’s network, your data is in their hands. To be safe, check with an employee or another trusted source before you access an open Wi-Fi network.
Use https or a virtual private network (VPN) to protect your data. A VPN adds a layer of encryption and security that is valuable when using any unknown connection. At a minimum, you must ensure that https is present in a web address before accessing a secure site (i.e., webmail, social media, or any site that requires a login). And whenever possible, hold off on doing any financial transactions on Wi-Fi, including checking your bank balance or making ecommerce purchases. It’s safest to handle these activities to known, secure networks.
Consider traveling with a personal hotspot. If you use a mobile hotspot leased from your service provider, you can be confident that you are getting a secure connection. This is particularly valuable advice for business travelers, given that it’s often necessary to network on the go and that security is a must for business-related activities.
Happy travels. Let the summer vacations begin.
Joe Ferrara is CEO of Pittsburgh-based Wombat Security Technologies.