With summer on the horizon, you may be planning your season travel, whether it is for business or pleasure. Many travelers take safety precautions by putting padlocks on their suitcases, wearing money belts, and storing credit cards in RFID-blocking wallets. However, you should also include device cybersecurity in your travel preparations. According to an Experian study, 33 percent of the 15 million Americans who have been the victim of identity theft had their devices hacked while traveling.
At times, your company cannot wait until you get back to the office if an urgent matter comes up. For example, while you are waiting at the airport, you may need to email a proposal for landing a major account or help an employee resolve an issue with an unhappy client. To stay connected to the office, many travelers carry a laptop, tablet, and smartphone. However, if travelers do not take necessary cybersecurity measures, nearby hackers can break into devices, eavesdrop on activities, and initiate fraudulent schemes.
Where can cybercriminals spy on your activities while you are traveling?
- Airports, transportation depots, cruise ports
- Coffee shops, restaurants, bars, bookstores, libraries, clinics
- Planes, trains, buses, cruise ships
- Around the hotel including lobbies, convention halls, and swimming pools
How can you ensure safe device use during your trip?
- Leave non-essential devices and data at home.
- Update operating systems, applications, and browsers before you depart for your trip. Do not do these activities while away, as you are at a greater risk of downloading impostor malware. Also, scan your devices with anti-virus software and delete apps you are not using. Additionally, you should back up your devices including files, photos, and videos to another device and/or a cloud service.
- Turn off your Bluetooth, file sharing, and Wi-Fi auto-connect settings. Cybercriminals can use these channels to hijack your devices.
- Keep devices and drives locked in your luggage while they are with you. Carry on devices, instead of checking them. Once in the hotel, lock unused devices and drives in the room safe.
- Use your own devices whenever possible. Assume that any devices that do not belong to you are not secure.
- Make sure devices are PIN and/or fingerprint protected, and the home screen is set to lock after a period of inactivity.
- Set up the “find my phone” feature on your devices. NCSA states that this will allow you to find, remotely wipe data, and/or disable the device if it gets into the wrong hands.
- Be aware of your surroundings when working in a public area. Make sure people nearby cannot look over your shoulder at your device activities. Also, if you are using a laptop, consider using a privacy screen.
- Do not leave devices unattended when you are out in public, such as leaving a laptop on a coffee shop table to go to the restroom.
- Stick with Wi-Fi signals that require a password. Criminals can create impostor signals with official-sounding names like the airport, hotel, and restaurant. Confirm the correct name of the Wi-Fi signal with the facility you are at before connecting.
- Do not use public USB chargers typically found in airports and hotels. Hackers can use these chargers with USB cables to spy on and steal data from mobile devices. Stick to charging your devices with a power adapter and/or portable battery.
- Use a VPN while on a public Wi-Fi signal. A VPN can hide your IP address and encrypt your communications. Plus, if you are abroad and need to access a website that your location banned, such as Facebook in China, the VPN will allow you to access the site by listing your device IP address as being from the U.S. We recommend using SonicWall for work devices and NordVPN for personal devices.
- Using public computers at an airport or hotel business center is risky. These devices may contain spyware and the facility may not maintain them regularly. If you need to use one of these computers, limit it to looking at non-sensitive information such as transportation schedules, attraction hours, and maps. We do not recommend logging into any online accounts with these computers. Use the internet browser’s incognito window and clear the browsing history, cookies, and cache before ending your session.
- Use wired internet, private Wi-Fi, and mobile data when working with sensitive information. It is much more challenging for hackers to intercept your data. For example, for internet use outside the hotel room, you can purchase a data plan from a telecommunications provider, such as AT&T, and insert their provided SIM card into the device of your choice. Plus, that device can become your Wi-Fi hotspot for your other devices.
- When accessing online accounts, make sure the website address starts with “https://.”
- Limit your location sharing. Turn off location sharing on your devices when not using them. Also, do not share geotagged vacation photos on social media in real-time. Criminals can compromise your email account and send out fake emergency money-wiring requests to your contacts. Besides, thieves will see the photo postings as an opportunity to rob your home or hotel room. Wait until you get back from vacation to share these photos.
- If you are traveling abroad, consider using burner devices that include only the operating system and most essential applications. It lowers the chance of a data breach in case of device loss, theft, or unwanted search. When you return from the trip, wipe, and reformat the devices. We recommend this process, particularly in countries that have a reputation for engaging in cyber espionage, such as Russia and China.
- If your trip requires going through customs and border patrols, log out of your accounts and shut off your devices. Anyone who tries to access your device must enter login information.
- If you believe a hacker compromised a company device, go to a secluded location with a secure internet connection and call SwiftTech Solutions at 877-794-3811. We can remote into your computer and remove malware from your device. Also, go to another device to change your online passwords and monitor your financial statements for any fraudulent activity.
Note: SwiftTech Solutions originally published this blog in June 2018 and updated it for accuracy and comprehensiveness.