With remote work in full swing and COVID-19 testing requirements recently dropped for US air travel, people are more than ready to hit the road and the skies for a summer vacation. However, this summer mass canceled flights and high gas prices aren’t the only worries for travelers. With roughly 70 percent of travelers unknowingly engaging in risky behaviors that could expose them – and their employers – to cyberattacks, travelers will need to add cybersecurity to their packing list in addition to sunscreen and passports.
Whether your employees are charging their phone at the airport, scrolling through Twitter in their hotel bed, or sending off work emails at a resort’s pool while vacationing, there are a few basic cybersecurity steps businesses should recommend to keep employees and sensitive company data safe while traveling.
Tip #1 – Think ahead when packing
With the hustle and bustle of today’s society, people are constantly on the go. But while vacationers may speed through their packing process while itching to hit the road, it is important to stop and think about the not so pleasant “what ifs” that unfortunately accompany some vacations, such as the possibility of losing one’s electronic devices. In fact, thousands of laptops are lost in airports every week, highlighting the critical need to fully backup any smartphones, laptops, or other devices before leaving for PTO. Recommend your employees back up data regularly – but especially before vacation – to ensure you’ll be able to recover what was on the devices despite losing them during the trip.
If traveling internationally, one thing to keep in mind is the differing legislation and cultural aspects that can cause several potential risks to the security of information. For instance, a flight to Japan may have a stopover in Russia or China that has significant differences concerning data privacy. It may be wise to recommend or require that employees leave their devices at home or take extra security measures when traveling to these areas.
In addition, it is not advisable and sometimes not even allowed (for example, by Swedish and/or the US law enforcement agencies) to interconnect a password manager’s IT infrastructure to the IT infrastructure of a specific country without investigating the problems that come along with this, making it exceptionally important to conduct the proper backup methods to remember important logins to store them safely.
Tip #2 – Charge before you go
Airports serve as a hacker’s dream and a traveler’s nightmare thanks to the thousands of people bustling in and out each day. If a traveler’s info becomes breached, hackers could potentially have access to identifiable information (PII), payment details, and sensitive company information. These scammers work relentlessly to fool tired and distracted airport travelers through numerous schemes, including creating fake network hotspots, taking control of airport Wi-Fi routers, secretly installing malware, tampering with USB connections, and more.
Recommend that your employees avoid charging their phones at the airport. If that is not possible, they should bring a backup battery or use a traditional wall outlet to decrease the chances of being hacked instead. Shockingly, 25% of travelers are hacked due to using public Wi-Fi while traveling abroad, reinforcing the need to take additional precautions, such as avoiding all public Wi-Fi networks and turning off auto pilot, airdrop, and Bluetooth features.
Tip #3 – Avoid hotel hazards
Before COVID-19 forced hotels into a two-year period of on-off closures, they were the victims of 13 percent of cyber compromises, according to Trustwave’s 2020 Global Security Report. Now, hotels and hospitality businesses are the third most targeted by cyber attackers of all industry sectors.
Thanks to the large volume of financial transactions being carried out, constant use of loyalty programs, supply of databases used to store sensitive personal data, and being a temporary home to national and international travelers, hotels are a hotbed for cybersecurity issues.
As tempting as it may be to scroll through social media while waiting for the elevator or ship off a quick work email while enjoying a cocktail in the hotel lounge, travelers need to conduct proper cybersecurity measures to avoid being a victim of DarkHotel Hacking and other common tactics.
Constant monitoring of one’s hotel Wi-Fi usage is a must as attackers tend to target guests in an effort to gain sensitive information, specifically travelers on business. Forged digital certificates can appear on a victim’s device showing software, such as Adobe, has been downloaded where the victim then receives a malicious notification.
Ideally, make sure employees are using a VPN when traveling internationally or working in potentially unsafe conditions to protect themselves and any business data. Additionally, double-checking any and all alerts that pop up on one’s computers or phones during the duration of their stay and downloading directly from the hotel’s website is always a safe cybersecurity practice while staying at the hotel.
It’s important to remember that while a vacation is supposed to be fun, being hacked can be a big hindrance to reaching ultimate relaxation. And, in the age of “work from anywhere,” traveling can not only put personal data at risk, but also sensitive business data. However, if travelers take the proper security measures beforehand, this year’s summer vacation will be the safest and most secure yet.