Staying safe online is as important when travelling as when at home. The more you travel and access the internet, the more potential risks you face.
We offer some tips to help minimise the risk of criminals stealing your data and property to use for fraud, identity theft or other illegal activities.
Before your trip
- Update your devices before travelling. Ensure all personal and work devices you plan to take are running the latest versions of software and operating systems. This will improve its ability to defend against malware and viruses.
- Back up your data. It’s boring but important. Back up documents, contacts, photos and other data with another device, to your work server or to the cloud, as appropriate to your organisation.
- Bring only the devices you need. The fewer items you bring, the fewer you have to lose.
- Set up a tracking feature on your devices. Check whether your employer has enrolled your laptop, mobile etc. into a mobile device management solution that allows them to find or wipe lost or stolen corporate devices. For personal devices, consider the use of trackers, such as Apple AirTags or equivalents.
- Print and carry emergency access codes. Applications often provide the option of generating emergency access codes on set up, or offer a secondary validation method such as e-mail. Consider setting these up in advance, where the application allows it, in case your device(s) are stolen and you use them for multi-factor authentication.
- Familiarise yourself with your company’s mobile and remote working policy. Even if you travel on business or work from home regularly, policies may be updated from time to time and serve as a useful reminder of what your organisation permits and requires.
- Book travel arrangements via agreed providers. Using the providers recommended or required by your business will help you avoid visa scams, advance fee fraud and fake websites designed to steal your data.
- Ensure someone knows your whereabouts. Leave details of your itinerary and any deviations, how you will travel, flight numbers etc., when you expect to arrive and return, and what to do in the event of undue delay with a trusted colleague, friend or family member.
- Imagine the worst-case scenario. Consider what you would do if you lost your phone, passport or work laptop, or had a medical emergency. Prepare accordingly with hard copies of itineraries, flight details, key telephone numbers, medical information and so on.
- Remain alert when going through airport security. If you’re able, do not log into your computer for it to be inspected. If at all possible, do not surrender your password at airport security. If any devices are confiscated or taken away by officials, speak to your company IT department before turning them back on.
- Use a virtual private network (VPN). Connect to trusted wired or Wi-Fi networks wherever possible. For other times, in airports, hotels, cafés and so on, use a virtual private network (VPN) to keep communications private in transit.
- Use two-factor authentication. Secure accounts with strong passwords, don’t use easy-to-guess passwords or reuse the same passwords for multiple logins. Keep your authentication token separate from your device. Consider printing authentication codes and carrying them with you for a limited period in the event of the loss or theft of your devices or tokens.
- Ensure that your devices are kept in a secure location. Use the hotel room safe overnight and while out of the room. Beware of pickpockets in crowded locations but also while attending business events, dining out with colleagues or hosting clients. Opportunist professional thieves strike when your attention is elsewhere. Spread your valuables between different pockets and bags. Keep them out of sight where possible.
- Do not publicise your route or routine outside trusted colleagues, family and friends. Be careful about your use of social media, including professional networking sites such as LinkedIn, as virtual kidnapping is on the rise.
- Securely destroy sensitive items. Mitigate the risks of sensitive information falling into the wrong hands by shredding or securely destroying of CDs etc. Even copies of meeting agendas and minutes could contain details of strategic and marketing plans. If something has commercial value to your business, it also has commercial value to someone outside the business.
- Retain boarding pass and airline-printed luggage tags until after you return home. Securely destroy the barcode on these items as it’s a potential goldmine for data thieves, containing passenger name, ticket number, port of departure and arrival, date, time, date of birth, passport data, frequent flyer number and so on.
This post was powered by Cortida. Cortida offers information and cyber security consulting, including awareness training for mobile and remote workers. For more information, please get in touch: firstname.lastname@example.org