Essential Cyber Security Tips to Stay Safe Travelling

Uploaded on 2015-11-11 in NEWS-News Analysis, FREE TO VIEW

Whether you’re taking a personal holiday or a business trip, traveling by car or by plane, planning a quick jaunt or preparing for an extended stay, make sure your cyber security best practices are coming along for the ride.

Criminals don’t take vacations. In fact, they feast on tourists and travelers, taking advantage of people when their guards are down or when they’re distracted by other pursuits. Wombat Security Technologies pulled together four essential tips you can use to stay safe when you travel.

1. Stick to the basics

Many travelers think about packing light when it comes to clothes and toiletries. Well, this advice applies to your mobile devices and personal data as well. Here’s how to streamline:
    
    Leave data-packed business devices and materials behind whenever possible. If you don’t think you’ll use it, don’t take it. Ask yourself, “Is this business critical?” If the answer is no, it shouldn’t make the trip.
    
    Limit the credit cards and personal identification items you take with you; pare down to the things you know you’ll need. Before you go, make a note of what you have and any relevant customer service numbers. Store that in a safe place so you’ll have a quick reference in case your wallet is lost or stolen.
    
    Explore the possibility of using a “disposable” phone and laptop when traveling, particularly if you are an executive, manager, or business insider who deals with highly confidential data. This approach allows you to maintain connectivity without exposing the contact lists, files, and sensitive information that are stored on daily-use devices. If your organization doesn’t support this type of service, make the case for building a small repository of devices that can be issued prior to travel and then be wiped clean afterward.

2. Get physical

Relatively simple physical security measures can be the difference between keeping data safe and suffering a breach. Whether you’re talking about personal data or business information, dealing with the aftermath of a breach is time consuming, frustrating, and (often) incredibly costly. Remember these basic tips to help keep your devices (and the data they contain) secure while you’re on the go:
    
    Don’t leave your devices unattended in public, not even for a few moments. It can be tempting to put you smartphone off to the side while you check your bags at the airport or to leave your laptop sitting on the table while you got to the café counter to get a refill. Thieves are opportunistic; they can snatch up your device in a second while you’re not looking.
    
    Keep your devices concealed as often as possible, particularly when in a crowded place. Many smartphones — particularly iPhones and newly released devices — are coveted by criminals, and there have been known instances of particularly brazen thieves swiping phones right out of unsuspecting users’ hands and disappearing into crowds. Keep your smartphone tucked safely in an interior pocket of your jacket or bag when not in use, and consider using a wireless headset if you are “walking and talking.”
    
    Securely store your devices if you leave them behind. Naturally, your safest bet is to keep items with you, but sometimes that’s not practical while traveling. Remember that a hotel room is not secure; many people have access, and staff members often enter your room while you’re not there. A hotel safe is a better choice than leaving items out in the open or barely concealed in a suitcase (though even these safes shouldn’t be trusted to adequately secure devices that hold highly confidential data).

3. Share smart

Would you comfortable broadcasting on the radio that your house will be empty for a week while you’re on vacation? Would you hand you smartphone’s contact list to a complete stranger. Travelers often do the equivalent without even realizing it. Here’s how to keep your private information on lockdown:
    
    Turn off automatic check-ins and location tracking. In this age of social sharing, people often think nothing of revealing their favorite haunts and places to visit. The problem with automatic posts is the lack of control. Before long, your routines and habits are spelled out for the world to see. These activities can reveal where you are (a confidential business trip or meeting, perhaps), but they also reveal where you aren’t. Scammers and criminals like to tap into schedules because it gives them more information about who you are and what you do.
    
    Save the vacation posts until you’re back home. As with check-ins, the social updates you post while you’re out of town make it clear that you’re not at home and you’re not at your office. Many people have hundreds of social connections and followers, and a vast number of those online relationships are superficial. If you’re 1,000 miles away and you’ve let everyone know that you’ll be off the clock for a week, this creates a window of opportunity for a criminal to climb through. Though it’s tempting to detail your travels in real time, it’s important to consider the potentially negative ramifications of sharing this information.
    
    Be careful about Bluetooth connections. You may think nothing of pairing your smartphone to rental cars and other convenience devices. But did you know that information is sometimes stored after you terminate the connection? That means that your contact lists and other data could be left behind on, for example, a car that doesn’t belong to you. Before you turn in your keys, make sure your data has been deleted.

4. Be cautious of open WiFi

Many people set their phones to find and connect to accessible WiFi networks. While this approach can help reduce your mobile data consumption, it can also expose you to significant risks. Open WiFi — whether paid or free — must be approached with caution. Why? Because any WiFi network not protected by a password is vulnerable to attack. Here are some important tips to remember:
    
    Check before you connect. Did you know that names of WiFi networks are manually created? This means that anyone can name a network anything they want. Scammers set up “rogue” and “evil twin” networks with names that sound trustworthy — Airport WiFi, for example — or that are similar to legitimate nearby networks — Official Café Wireless instead of Café WiFi, for example. Once connected to a scammer’s network, your data is in their hands. To be safe, check with an employee or another trusted source before you access an open WiFi network.
    
    Use https or a VPN to protect your data. A VPN adds a layer of encryption and security that is valuable when using any unknown connection. If you can use one, do use one. At a minimum, you must ensure that https is present in a web address before accessing a secure site (i.e., webmail, social media, or any site that requires a login). And whenever possible, hold off on doing any financial transactions on WiFi, including checking your bank balance or making ecommerce purchases. It’s safest to handle these activities to known, secure networks.

Consider traveling with a personal hotspot. If you use a mobile hotspot leased from your service provider, you can be confident that you are getting a secure connection. This is particularly valuable advice for business travelers, given that it’s often necessary to network on the go and that security is a must for business-related activities.

Net-security

 

« Energy Under Hacktivist Threat
Where Next? Paris Attacks Show Mumbai Strikes Are Global Blueprint »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Hack Miami

Hack Miami

HackMiami is the premier resource in South Florida for highly skilled hackers that specialize in vulnerability analysis, penetration testing, digital forensics, and all manner of IT security.

Cleo

Cleo

Cleo is a leader in secure information integration, enabling both ease and excellence in business data movement and orchestration.

Planit

Planit

Planit is a leader in Quality Assurance and a specialist in software testing and training services.

Ammune.ai

Ammune.ai

Ammune.ai (formerly L7 Defense) helps organizations to protect their infrastructure, applications, customers, employees, and partners against the growing risk of API-borne attacks.

Foundation Futuristic Technologies (FFT)

Foundation Futuristic Technologies (FFT)

FFT is a global leader in computer forensics and digital investigation solutions.

Telia Cygate

Telia Cygate

Cygate are specialists in information security, data networks, and data centre and cloud technologies.

Cyber, Space, & Intelligence Association (CSIA)

Cyber, Space, & Intelligence Association (CSIA)

CSIA focuses on issues critical to Cyber Security, Military Space and Intelligence.

Signal Sciences

Signal Sciences

Signal Sciences Web Protection Platform (WPP) provides comprehensive threat protection and security visibility for web applications, microservices, and APIs on any platform.

Innovent Recycling

Innovent Recycling

Innovent Recycling provides a secure IT recycling & data destruction service to all types of organizations across the UK.

Data Eliminate

Data Eliminate

Data Eliminate provide data destruction, secure end-of-life IT asset disposal, and data protection consultancy services.

e-End

e-End

e-End provides hard drive shredding, degaussing and data destruction solutions validated by the highest electronic certifcations to keep you compliant with GLB, SOX, FACTA, FISMA, HIPAA, COPPA, ITAR.

EPIC Insurance Brokers & Consultants

EPIC Insurance Brokers & Consultants

EPIC is an insuarnce broker and consultancy firm. Risk management services include risk consultancy and cybersecurity insurance.

IntaPeople

IntaPeople

IntaPeople are IT and engineering recruitment specialists. We have specialist teams for job sectors including Cybersecurity, IT infrastructure and DevOps.

Alacrinet

Alacrinet

Alacrinet is an IT and cyber security consultancy. From penetration testing to fully managed MSSP, our team is focused on knowing the latest threats, preventing vulnerabilities, and providing value.

World Cyber Security Summit

World Cyber Security Summit

World Cyber Security Summit, by Trescon, is a thought-leadership driven platform for CISOs who are looking to explore new-age threats and the technologies/strategies that can help mitigate them.

Oak9

Oak9

The oak9 platform analyzes infrastructure as code (IaC) and builds security into cloud native applications so they are secure and compliant by design.

BATM Advanced Communications

BATM Advanced Communications

BATM Advanced Communications is a leading provider of real-time technologies for networking and cyber security solutions.