Now the weather is hotting up, many workers may be considering spending some time away from their desk. You may be more inclined to head to that conference in Barcelona or take a trip with the family but keep the company phone on you.
Whether you’re hopping on a plane or enjoying a staycation closer to home, taking your business away from your regular workplace brings about a new bevy of security risks. These include insecure Wi-Fi networks, infected public charging ports and Bluetooth attacks.
So if you’re heading on holiday with laptop in hand this summer, TechRepublic has spoken to the experts to discover the top tips to keep your digital devices and company data secure.
SEE: Essential Travel Tips for Business Pros from TechRepublic Premium
1. Consult in-house security team before travelling
Tim Rawlins, senior adviser and security director at NCC Group, said it is important to talk to your company’s security team before travelling with work devices to ensure you’re informed of any policies and processes.
“Working abroad is not always allowed; there might be visa issues or security restrictions such as geo-blocking and data sovereignty issues that you might not have considered,” he told TechRepublic.
“Stay informed about the local situation and be aware of common scams and threats in the region you are visiting. Report any suspicious activities or potential security breaches to your organisation’s IT or security team immediately.”
2. Don’t use public Wi-Fi networks
Martin Lee, EMEA lead at cyber security firm Cisco Talos, told TechRepublic in an email, “There is always the temptation to save on data roaming charges and allowances by joining public networks or WiFi. However, it may be worth considering paying the extra tariffs to keep your data safe.”
“Shared public networks may be shared with dubious characters, or an apparently free to use network may be a malicious decoy network set-up to dupe the unwary. A criminal snooping a network can steal cookies or session tokens to gain access to your confidential services.
“Alternatively, an attacker may create a man-in-the-middle attack to impersonate a key system while intercepting and modifying data.”
3. Use a VPN
VPNs can be used on phones connected to local cellular networks abroad, as well as laptops. Trevor Horwitz, the founder and CISO of TrustNet, told TechRepublic in an email, “By encrypting your data before it leaves your device, a VPN ensures any intercepted data remains unreadable.
“Another VPN benefit is the ability to mask your location by assigning you a new IP address. This helps bypass any restrictions the Wi-Fi provider sets and enhances online anonymity.”
SEE: 5 Best VPNs for Travel in 2024 (Free & Paid VPNs)
4. Keep devices out of sight while travelling
“When travelling, keep devices securely out of sight,” said Lee. “Be aware of your surroundings when using devices, thieves are adept at snatching devices in busy areas, and sneakily spiriting them away when attentions are elsewhere.”
Rawlins said to remain particularly vigilant when using a phone’s map app for directions. “Phones are often snatched in the street by criminals on electric bikes, or when doors are about to close on public transport,” he told TechRepublic in an email.
5. Use dedicated work devices or virtual desktop solutions
Horwitz told TechRepublic that frequent travellers should consider having a designated work device that holds only the data and capabilities needed for their trip. “This strategy enhances security by isolating travel activities from primary devices, allowing for stricter security measures and reduced risks,” he said.
“Before and after travel, wipe dedicated devices and restore them to a clean state. Finally, make sure to review and analyse any suspicious activity that might have occurred during your travels.”
Any data stored on a work device should be encrypted and backed up. Horwitz said that it is better to store backups in the cloud rather than on an external drive, so you can access a copy while away if needed and have it automatically update.
Alternatively, consider using a virtual desktop solution that remotely connects to a device back at the office. Horwitz said, “All the information and files they use are stored in the virtual environment and not on the local device. In the event a device is stolen, there shouldn’t be any data to access.”
6. Secure work devices
Ensuring the devices that you take away with you remain secure starts with their in-built security settings and antivirus software.
Rawlins told TechRepublic, “Keep your devices secured with strong, unique passwords and enable biometric security features where possible. Also update your software, particularly the operating system, to the latest version available.
“Enable two-factor authentication on all your accounts, particularly your email where password reset emails are sent, but use an authenticator app rather than a text or email sent to your phone.”
Andrew Lungsden, security consultant at Forge Secure, added in an email, “Reducing the number of login attempts before an account is locked out can also prevent someone from guessing a bad password.”
He also recommended using personal firewalls, which monitor and filter incoming and outgoing network traffic. “This ensures that you reduce the connections that your laptop might present to an untrusted WiFi network, and helps to reduce your device as a potential target,” Lungsden said.
7. Use a privacy screen
Lungsden said, “If you are working on any projects that have client information or any sensitive data, having someone sitting nearby glancing at your screen can be a problem.
“You can reduce this risk with some privacy screens for your laptop or mobile device. This is a screen protector that obscures your screen from anyone who isn’t looking directly at it and can add a little extra protection to your company data.”
8. Disable USB ports
Lungsden said, “The USB ports on your device can be disabled. It can only take a few seconds for a USB device to be plugged into your laptop, a program to automatically run, and your device to be compromised. There’s also a good chance you don’t need USB ports while travelling.
“If you disable them before setting off on any trip it can help remove a potential risk.”
9. Set up device lockout and remote wiping capabilities
There’s a higher chance of a thief grabbing your work device when you are travelling with it, and it could also be unlocked at the time. Therefore, remember to configure its lockout settings.
Lungsden said, “You can have a short lock-out time and also make sure the account will lock as the laptop is closed. This can reduce the potential that your account will be accessed.”
He added that remote locking and wiping capabilities can be useful in the case of theft, as they can help ensure data protection. “Many device management systems offer features such as this,” said Lungsden.
10. Be careful with rented accommodations
Lee said, “When booking accommodation, double check that the booking site is the genuine article and not a cloned site that will take your money but not provide a valid recognised booking. Never agree to pay for accommodation outside of the official booking mechanism, you won’t have any recourse to get a refund if the booking is fraudulent.”
When staying in rented accommodations, it is important not to leave valuables or devices unsecured, even in a locked room. “Room keys may have been cloned or stolen,” said Lee.
At the end of the stay, it’s important to log out of any devices, such as smart TVs, and not to store any credentials. “Otherwise, subsequent guests may be able to access your accounts,” Lee added.
