When packing for a vacation, many of us rely on a checklist to make sure we have IDs, passports and other travel documents. Check. Swimwear, toiletries, and other personal effects? Check. Devices, gadgets, and accessories? Check.
What about an understanding of the company cybersecurity guidelines and implementation of cybersecurity measures?
More often than not, traveling employees neglect crucial cybersecurity efforts in their travel preparations. Afterall, do any of us think about the security of business data when we’re headed for relaxation?
Mobile workers have become a target for hackers, exposing their companies to cybersecurity risks even when they’re taking time off.
In this post, we talk about ways and habits traveling workers can threaten your digital assets as well as tips and measures companies, and employees can take to mitigate travel-related cybersecurity risks.
How Traveling Employees Can Expose Your Business to Cybersecurity Risks
A threat management company polled over 1,000 employees in the U.S. aged between 18 and 65 who traveled with company gadgets. The 2017 survey revealed how mobile employees routinely leave businesses open to digital risks.
Bringing Work Gadgets While on Vacation
Over 55 percent of the respondents feel the need to bring a work gadget wherever they go, even on personal travels. Obviously this increases the risk of the device being damaged, stolen, or breached.
Using Non-Work Gadgets to Access Work Email, Files, etc.
The survey also revealed that 54 percent of the respondents use personal devices to open work-related emails and files. This makes the company’s digital assets vulnerable as the security of personal devices are often not a consideration as they are on company devices.
Using public WiFi
The survey also discovered that 77 percent of employees say they connect to free or public WiFi while traveling, and about 63 percent will use public WiFi to open work emails and files. Twenty percent of the respondents shared they had previously left work gadgets unattended while traveling.
Cybersecurity Policy: Ignorance, Noncompliance or Lacking One?
According to a Ponemon Institute study, 2018 Cost of Insider Threats: Global Organizations, negligent workers are to blame for 64 percent of all insider threat cases in 2018. In this study, 49 percent of the respondents revealed they are not aware of a travel-related company digital security policy.
Meanwhile, the previous survey revealed that 51 percent of employees aren’t aware of cybersecurity regulations for corporate devices while out of the office.
Employee awareness of protocol is a good start. But the question is how many of the workers will comply? A mandatory cybersecurity and insider threat training may be needed for employees and internal users to realize the threat they pose to the organization.
Cybersecurity Best Practices For Traveling Employees
Whether going on vacation or a business trip, and especially when traveling internationally, the Federal Communications Commission has these tips you can follow:
Pre-Travel
Before leaving, proactively secure your devices and personal information, including name, date of birth, address, and Social Security number. Limit yourself to the devices that you will need during your trip. Backup your files, delete sensitive data, use strong passwords, and make sure that your antivirus software is up to date.
During Your Trip
Your vacation is a time to relax, unwind and momentarily forget about the office. But don’t let your guard down when using company devices, even when you’re just posting vacation pictures on Instagram.
Secure your gadgets when in hotels, airports, and other public places. Opt for a privacy screen on your laptop to limit the visibility of your screen.
Using public WiFi like you’ll find in coffee shops, hotels, airports, travel agencies increases cybersecurity risk. Use caution when using public WiFi by following these measures:
- Don’t access bank accounts or make online purchases.
- When traveling abroad, use a new set of passwords / PIN.
- Deliberately use a wrong password to log on to the public WiFi. If you can get access despite the mistake, it’s a red flag that the network is not secure.
- Turn off the auto-join feature of your phone when logging into a public network.
- Occasionally alter the settings of your device to disconnect from the network, then log in again.
Post-Travel
Upon your return, change your passwords and update security software on all your devices as they can be compromised and susceptible to malware if you use local networks abroad.
As gatekeepers of the organization’s digital assets, all employees are a potential inside cybersecurity threat whether they even know it or not.
Knowing how your digital habits, especially when in transit, can potentially expose your company to cybersecurity risk can help you mitigate it. Whether traveling for business or pleasure, make sure to include cybersecurity measures in your travel checklist.