Most cyber-security experts agree that about 20% of travelers are subject to cyber crime while abroad. Any time you use your phone or laptop on a public network, you are subject to criminals accessing sensitive and confidential data from you or your organization. At Projetech, we keep the following in mind while we travel and suggest you do the same in order to protect your data.
- Ensure all software especially security patches and antivirus updates are applied and up to date before your travel date.
- Consider utilizing temporary devices such as an inexpensive laptop and/or a prepaid cell phone.
- Ensure any information/data is backed-up to a separate device and/or a cloud service in case your primarily device is compromised, lost, or damaged while traveling.
- Remove any sensitive data you don’t plan on using while on your trip.
- Enable (MFA) as an extra layer of security on anything that offers it.
- Make sure you have some type of password, pass phase, or PIN lock set on all your devices if you haven’t already. If you want to be very diligent you can set new passwords or pass codes on sensitive accounts that you can use for the duration of your trip.
- Enable full disk encryption on your device(s)such as Bit locker. That way if your device is compromised it is extremely difficult for criminals to steal information. Also ensure there’s no restrictions or laws regarding encryption if you’re traveling out of the Country, you may need to apply for a license or file for approval prior to arrival.
- Take advantage of remote wipe software for both laptops and cell phones. If your devices are lost or stolen this will allow you to completely wipe the device of any sensitive information, it may have on it. Google and Apple both offer support for remote wipes on mobile devices.
During your trip:
- Disable the ability for your devices to automatically connect to any available wireless networks or Bluetooth devices.This prevents automatically connecting to any possible rouge access points or devices.
- When connecting to public Wi-Fi, if it’s protected with a login double check the network name and login procedures with the staff to ensure you are connecting to a legitimate network. If your connecting to an unsecured Wi-Fi network do not do any sensitive work while connected (Banking, confidential business work, etc.). If possible, use a network hotspot for any business or sensitive activities such as banking.
- Limit travel information that you post on social media this could be travel dates, location, or why you’re traveling. This information could be valuable to criminals because they could use it against you or your company in a phishing campaign (i.e. A criminal may send a phishing email to your company while you’re traveling that looks like it’s from the traveler asking for a cash deposit because they lost their wallet while on the business trip.)
- Never leave your device(s) unattended, take them with your everywhere you go.
- Never insert unknown devices such as USB flash drives, SD cards, etc. into your personal device. A free flash drive may look appealing but could be housing malware.
- Avoid using public charging stations. You can’t be sure where your device is really connecting to, the charging station could be a malicious computer that scrapes/collects the data off your phone.
- When possible use your company’s or a 3rd party VPN (Virtual private network) to setup a secure connection.
- Avoid entering your credentials into any public computers, ex. Internet cafes, hotels, airports, etc.
When you return:
- Change any and all passwords you may have used while abroad
- Run antivirus scans on devices you traveled with