The Traveler's Guide to Cybersecurity
Although you should always pay attention to your cybersecurity, when you travel for business, it is imperative to be even more vigilant about protecting your digital assets. When you are on the road, you are also responsible for safeguarding your organization’s property and information—and you’re slightly more vulnerable to cyberattacks. This guide provides a few pointers on how to develop safe cybersecurity habits when you travel for work.
Create strong passwords for your devices.
If your device has the capability to do pattern-based or fingerprint-based authentication, those methods will be stronger and more secure than using a text-based passwords.
Be wary of public Wi-Fi and internet.
You will be inherently more at risk whenever you connect to a public hotspot. If your organization has the capability, ask for a 3G/4G cellular Wi-Fi device that will let you deploy your own hotspot or connect your laptop to a cellular network, which is more private and thus more secure. If you must use public internet, see if your organization has the capability to provide you with a VPN connection. A VPN connection creates a tunnel through the public internet that can secure all of the traffic leaving your device. If your organization does not provide VPN, you may want to explore purchasing commercial VPN options such as NordVPN or ExpressVPN.
If you are traveling to an unknown place, consider using cash. This will put you less at risk of being hacked by a credit card skimmer and prevent unsavory characters from writing down your credit card number.
You may want to ask your organization’s IT department if it supports device encryption. By using encryption, if your device is lost or stolen, it is almost impossible for an adversary to steal information off a hard drive. Typically, you can either encrypt an entire PC hard drive or an external hard drive.
Disable Bluetooth and near field communication (NFC).
Many phones and laptops have Bluetooth and NFC enabled by default. These two protocols broadcast signals from your device, potentially leaving it more vulnerable for an adversary to connect to it and siphon your data. It is best to disable these features as much as possible when traveling.
Avoid public charging stations.
Recently, researchers at DEF CON (a hacking conference) demonstrated that public charging stations, such as those typically found in airports or other public places, are vulnerable to attack. Hackers could potentially plant a USB cable that captures information about anything plugged into it. While this method of attack doesn’t appear to be rampant, it is less risky if you have your own source of power to recharge your devices.
Enable two-factor authentication.
Whenever possible, you should enable two-factor authentication if your service (i.e., Gmail, Amazon, bank) supports it. Two factor means you need two steps in order to authenticate to a service. The first is something you know (like a password), and the second is something you have (like a smartphone). This is recommended for both your personal and corporate services.
Vigilance and awareness are both key components when traveling. Practice good cybersecurity habits, such as the ones listed above, and you can be more confident that you’re keeping your data and information safe when you’re on the go.
Share Our Graphic
We encourage you to share our graphic. If interested, please use the following citation: Created by Syracuse University's Master of Science in Cybersecurity program.
About the writer:
Bobby Bermudez has over 15 years of IT industry experience, and has worked with myriad clients ranging from startups, non-profits, Fortune 500 companies and local & Federal governments. His horizontal expertise with computer, network and web technologies led him to create Symposit LLC, a boutique IT consulting firm.
Bobby received a B.S. in Decision Sciences and Management Information Systems from George Mason University, a graduate certification in Project Management from Georgetown University and a M.S. in Computer Information Systems with a concentration in Cybersecurity from Boston University. In addition he holds several other technical certifications.