How to Improve Cyber Security During Business Travel
Posted by Mike Atherton on 21 July, 2016
It’s now easy to work anywhere, anytime, just as if you were back at the office. But it’s crucial to remember that when you are in your office you’re supported by secure infrastructure, maintained by experts focused on keeping you and the company safe, whereas on the road that support network is usually almost entirely absent.
Cyber attackers can sell anything they can obtain, including your personal details, those of your clients, your suppliers, even just your email contacts list – it’s all valuable on the dark web. Other hackers may not be interested in accessing your data but will use your hacked laptop, device or information in order to access something or someone that is of interest to them.
How Easy Is It to Hack a Traveller?
There are three main ways an unsuspecting or careless traveller/company might put themselves at risk:
- Using an open Wi-Fi network.
Hackers can steal your data by intercepting an open Wi-Fi network and gaining access to the screens of all other users on the network. Then they simply pull the data they’re interested in from the data stream.
- Spoofing a Wi-Fi hotspot.
Hackers can catch an unsuspecting traveller by broadcasting their own “open” network. This is an easy way to catch travellers who want to keep working on the go and will log in to unsecure networks to fire off a quick email. Always avoid anything that says “free”, unless you know exactly what it is and who is running it.
- Being careless with their devices.
Forgetting a phone in the back of a taxi, leaving your laptop in the hotel, letting others access your devices – these are all ways that you may make your hardware and your data vulnerable. A laptop might cost a few hundred pounds but the data stored on it can cost millions.
What Can the Traveller Do?
For those who need to work while they travel, there’s no way to remain absolutely safe. However, taking some simple precautions can mitigate much of the danger and keep your data safer when you travel:
One of the most important things to do is back up your data; recovering lost data is a far harder, sometimes impossible, task.
Be discriminating about the devices you take. Bringing a phone, laptop, tablet and wearables might make things more convenient, but every additional device adds an extra opportunity for hackers to access your data.
Installing anti-virus software on all the devices you do take is a must; there’s plenty of good options out there now and the right software can be the difference between keeping your data safe and losing it.
Avoid the temptation to share your travel itinerary and plans on your social media channels. Not only does this let the hacker know you’re away it also gives them an opportunity to contact connections with spoof email.
2. During the trip
Physically protect your devices by not letting them out of your sight. Never pack them in the hold, leave them in your hotel (even in the safe!) or leave them unattended on your dining table whilst you peruse the buffet.
Most devices let you add pin codes or passwords to boost security. Take advantage of this and make sure yours is more difficult to guess then 1234 or “password”! If your devices has a fingerprint scanner built in use it – they’re not infallible but will make life harder for the hacker.
Disable the Bluetooth on your devices. Whilst Bluetooth makes connecting peripherals easy, once paired you can often forget it’s still on, and this sort of connection can give ready access to your devices for the hacker if they’re in close range.
Don’t use public Wi-Fi. Open networks are convenient and can make your favourite coffee shop a surrogate office, but they are simply not secure enough. Any hacker can imitate a safe network, and once you’ve connected to them they can take whatever data they like. Always double check with the hotel or coffee shop what the network access name is, don’t use a network that doesn’t require a password and be very suspicious of any network name with the word “Free” in it.
Needless to say, never, ever, perform any financial transactions over a public Wi-Fi network.
3. On your return
Email scams are becoming increasingly sophisticated, so be wary of any unusual emails you received during your time away. Be particularly cautious of any emails from your bank asking you to log in to check a unusual transaction – this can seem reasonable considering you’ve changed your spending patterns but this is a common hacking tactic.
It might seem a chore, but change your passwords regularly. Consider using a password manager – a simple search will lead you to several useful services.
4. Should you lose your devices
Firstly try to be calm and carefully assess the situation. Once you’re sure the device is gone, check whether its data can be remotely wiped. Try not to worry about the cost of the device, focus on what you can do to protect its contents. If the device can be tracked, then let the police know where it might be found.
Inform those that need to know immediately: senior management, IT, your bank, the police, anybody that could be impacted by a security breach. If your company has a security communication policy, it might need to be triggered.
Make sure staff are aware of the breach so they aren’t tricked into opening further gateways to company data based on realistic imitations. Ask colleagues and staff to change their passwords and any company-wide ones.
This may be a job for IT, but it’s now time to monitor activity across your network and services. If there is any unusual activity, it should be investigated immediately.
Finally use the experience as an opportunity to take positive steps. Look for ways to improve company policies and the support that staff can expect when travelling on their next trip. Developing the right culture will help staff understand their responsibilities and how to stay safe.
Ensuring that risk management is a key component of travel itinerary management is essential for duty of care. Our Intinerary Management Essentials guide will help TMCs and enterprises ensure that corporate travel is as safe as possible.