Summer’s just about here! And that means vacations and the busy summer travel season are also upon us. Whether you take a working vacation or travel for work, it’s important to keep your computer, your devices and your data safe and secure. Here are 8 tips for doing just that.
1. Backup your data before you leave
When it comes to those portal devices like iPads and smartphones, the real value to you most likely is the memories (photos, videos, messages, important files) that are stored on them. These are things that we want to keep safe.
The only real fail-safe against data loss – and this is true all the time, not just when you travel – is to have a backup.
In terms of a pre-travel checklist, running a backup is an important item because there is a higher risk of losing a laptop or other portable device when you are away from home.
Theft is a possibility, and so it misplacing it or accidentally leaving it behind in an airport, cab or hotel. Or of dropping it into the waterfall, or having it damaged at the amusement park or beach.
There are just so many things that can go wrong!
So before you leave home for any trip, best practice is to run a backup of all the devices you plan to take with you. That way your important files, photos and videos won’t get lost, even in the event of loss, damage or theft.
If your laptop is part of a business network, the data backup should be covered, but if you don't have ongoing IT support or just aren't sure if that support includes data backups management, it's best to confirm. Personal devices - even if used for business emails and phone calls - generally aren't going to be backed up on the network, so you'll likely need to manage that task.
Another tip? If you have proprietary business data on a laptop or device and you don’t need to access it during your travels, remove it before you go. This ensures that it will remain secure no matter what.
2. Secure your accounts with two-factor authentication
Two-factor authentication is an easy way to secure your accounts against a breach or any kind of authorized access. Most applications offer this option and we strongly recommend that you take steps to enable it where it’s offered.
This advice really isn’t specific to travel, but is a good defensive measure to have in place across the board.
By enabling this, you can prevent a hacker from accessing your account even if they manage to steal or crack your password. It works by requiring that a second piece of information be input – usually a pin or code – when a login attempt is made from a device that the account does not recognize.
It should be noted here that if your laptop falls into the wrong hands, two-factor authentication will not prevent unauthorized access to your accounts if that machine is a “trusted device” that is already recognized by an application.
Which makes it equally important that you follow the recommendations below with regards to securing your devices.
3. Secure your devices in anticipation of theft or loss
When planning any type of travel, it’s smart to apply basic risk management principles. This means thinking ahead about the “what if” scenarios and applying necessary safeguards in advance.
For example, what if your laptop is stolen in the airport?
What if it gets left behind at the theme park or the conference center?
You don’t want to kick yourself afterwards when you realize that your lock screen wasn’t activated, giving unfettered access to whoever took it or happens to find it.
As noted above, it’s also smart to remove files that are sensitive in nature or that you just don’t need while traveling.
You can also encrypt your laptop. Review your manufacturer’s settings in order to confirm that this feature is available and if so, how to enable it.
All your portable devices should at minimum be passcode-protected, and best practice – at least while traveling – is to shorten the amount of time that passes before auto-lock occurs.
For example, on an iPhone, you can do this under Settings > Display & Brightness > Auto-Lock. From there, you can set it to the lowest setting of 30 seconds.
4. Strengthen your passwords
It's a known fact that as human beings, we are pretty lazy about properly managing our passwords. In fact, an Intel survey last year revealed that over 5% of respondents would rather give up pizza than remember another password.
We're talking about pizza here!
And it's not a surprise considering that the average user is juggling nearly 30 online accounts.
So if you follow that best practice of using a unique password for every single account, that means creating and remembering up to 30 different passwords.
The problem is that weak passwords are a hacker's best friend. We make it easy by repeatedly using "password" as a password, and then using that terrible password on every single one of our accounts, sensitive or not.
Like much of what's covered here, following good password best practices is important every day. But since the very last thing anyone wants to be dealing with while travel - either for business or pleasure - is identity theft, or a data crisis caused by your weak password, it's a good idea to take the time to strengthen your passwords before you depart.
After all, best practice is to change your password on a regular basis, so why not use a trip as the opportunity to check that off the list?
Additionally, take care while traveling not to let others see you entering your smartphone passcode. We all think that things like that won't ever happen to us, but imagine the consequences if the wrong person observes you entering that code and then manages to steal your device.
5. If you don’t need it, don’t bring it
When you are traveling for business, it’s more difficult to avoid bringing a laptop. But maybe you have a tablet that will be sufficient for taking notes and accessing the internet? If all you need is to keep up with emails, can you do that from your smartphone?
Stop and really critically and honestly think through what you are going to need. If it’s highly unlikely that you’ll ever have time to log onto the laptop, don’t bring it and you greatly reduce your risks.
Leaving it at home means it definitely can’t be lost or stolen while you’re traveling.
So weigh that device/data security against the “I might have time to catch up at night” thought process that compels you take things…just in case.
If you put some thought around this while you are planning your trip, you might just find that you can realistically get by with just your smartphone or your tablet. Or maybe there are files that you can store on a flash drive, and share that way.
For any computer or device that you determine is critical to the trip, do your best to always keep it with you. If you must leave it behind, use the hotel safe or another secure location if possible.
Modern business often demands that employees are always connected, so even when you’re traveling for fun, you might still feel the need to bring a laptop so that you can put some time in remotely. In that case, the same recommendations apply.
6. Make sure all devices are up-to-date
We can’t stress this enough. And this is critical all the time, not just when you are traveling.
But when you know you’re headed out of town, make sure that your pre-travel checklist includes this step.
Make sure that all your devices are running the most current operating system and that any software applications are up-to-date as well. This includes your smartphone and tablet, as they are also vulnerable to cyber-attacks and breaches.
If your laptop is part of the company network, your IT service provider should have that one covered through ongoing patch management (Corsica customers....you're covered!). But if you don’t have a proactive managed IT solution, then you’ll need to check this yourself or contact your IT consultant.
Also make sure that your anti-virus software is running the latest version.
We talk next about public wi-fi networks, but it’s inevitable while traveling that you are going to end up connected to Wi-Fi through at least a hotel or a conference center. So having all of the latest security updates applied is a good way to defend against the risks that come along with those connections.
7. Beware Public Wi-Fi Networks
Best practice is to always avoid joining a public network that doesn’t require a password. That network could in fact be set up by a hacker lurking around the local coffee shop or airport terminal. Just because it has the name of the establishment in the network, doesn’t mean it’s legit.
In fact, the use of public Wi-Fi is a common tactic for a Man-in-the-Middle (MOTM) attack. (Check out the link below to read the full article on MOTM and 6 other common types of attacks.)
Even when you are connected to what you believe to be a secure Wi-Fi network, it’s always best to limit your activity.
You want to avoid logging into your bank account (or the company’s bank account) or paying your credit card bill while away from your home or trusted business network. Any sensitive business transactions or communications should be avoided as well.
To that end, it’s smart before you depart for any trip to take care of any bill payments that are due during that time period.
Most smartphones can double as a hotspot when you need internet access, which presents a secure option for connecting to the internet when necessary. This does have some limitations and challenges (such as slow or spotty connections, and the high cost for data overages that you may incur as a result of being connected), but with many carriers offering unlimited data, it’s a better option today that even a year ago.
Another option is to use a VPN or virtual private network. When you connect this way, all business-related activity is fully encrypted. It uses the unsecure, public connection to create a secure connection to the business server and then connects to the internet that way. VPN’s do though tend to be noticeably slower since you have to go through another computer in order to connect to the web.
One final note is that modern productivity tools like Office 365 allow users to work on documents offline and then those updates will automatically sync as soon as they go back online. In this way, users can still make progress on documents or presentations, even if they aren’t online.
8. Think Before You Post
There is virtually no limit to the amount of personal information you can share on social media these days. Between check-ins, live videos and location tags, it’s possible to broadcast basically your every move.
But should you?
Because sharing your travels means that someone on the other end can easily track your movements. Not only are you broadcasting that you aren’t home (and your house is empty), but you are also letting the world know you aren’t at work.
Maybe you’re thinking “so what?”, but letting the world know you are out of the office opens up the opportunity for a creative hacker to target your business using social engineering tactics. For more on this, read this past article and the Pro Tip about Out of Office messages.
The impulse to share vacation pics or travel woes (i.e. “3-hour delay at BWI…ugh!”) is strong in our socially-connected world, but the best advice we can give is to avoid leaving a digital trail as to your whereabouts by not checking in everywhere you go, disabling the location settings that broadcast exactly where you are posting from, and saving the post of your amazing vacation pics for AFTER you get home.
Follow these tips for keeping data and devices safe and you'll have at least one less thing to worry about during your travels this summer.