Five Cyber Safety Strategies for Business Travelers
How can business travelers improve their cyber safety?
Business travel is on the rise, which means business travelers are accessing sensitive data in areas vulnerable to cyber threats. Kevin Roundy, senior technical director for Norton, explores how business travelers can protect themselves with five cyber safety tips.
Business travel is on the rise, with 71% of US companies expecting to reach their 2019 level of travel spend by the end of 2024. With increasing travel, however, comes increased cyber risk. Business travelers carry sensitive data and proprietary company information on their devices, and many are accessing this data in public settings vulnerable to cyber threats, like airports or hotels.
While company devices typically come with security measures in place, the responsibility of cybersecurity does not solely fall on the corporation. Business travelers must practice good cybersecurity hygiene to help combat the ever-evolving cyber threats inherent in our hyper-connected world.
These five tips help break down how business travelers can protect their data and devices while traveling.
1. Avoid Public Wi-Fi Networks
While free Wi-Fi or hotspot access in airports, hotels or conference centers is appealing (and necessary in many cases) for business travelers, unencrypted networks carry added risk to a user’s personal data. Primarily, sensitive information or data shared over a public network could be intercepted by bad actors, which could have devastating effects when dealing with highly confidential information stored on corporate devices. Computers utilizing public Wi-Fi could be remotely exploited by bad actors, infecting computers with malware.
If Norton had to give one piece of advice for business travelers, using a virtual private network (VPN) while connecting to public Wi-Fi would be it. VPNs encrypt a user’s data and hide the user’s IP address, allowing for private and secure online activity. Installing a VPN is arguably one of the easiest and most important tools to implement to help safeguard against malicious threat actors.
2. By Wary of Public Charging Stations
While public USB charging stations seem like a saving grace for dying phones or tablets, the FBI recently warned that bad actors have figured out ways to take advantage of public charging ports to introduce malware or spyware onto devices, otherwise known as “Juice Jacking.”
Power isn’t the only thing passing through charging cables when connected to another device – so is data. This means that when travelers use public charging stations, the USB cord opens a pathway into the device that a cybercriminal can exploit.
Public USB charging stations contain two cybersecurity risks – data theft and malware installation. Data theft allows cybercriminals to steal data on a device through a compromised port. Hackers will use a crawler program on a user’s device to search for account credentials or financial information to impersonate a victim or access their accounts.
Malware installation is troubling as hackers can clone a user’s phone data and transfer it back to their own device. Malware can also be used to track a victim’s personal information, including location, recent purchases, social media interactions, photos or messages.
Instead of heading straight for public charging stations when batteries are running low, travelers should opt for electrical outlets and utilize proper software security measures. Travelers can also choose a USB pass-through device or USB data blocker, which allows power to flow through the cord without transferring the data.
3. Keep Operating Systems and Apps Updated
Business travelers should keep their operating systems and applications updated to prevent hackers from taking advantage of open security holes.
Software vulnerabilities allow cybercriminals to plant malware on devices to steal information and encrypt files. However, security patches block open doors to keep devices protected from threat actors. This is especially important for corporate devices that may share a network, as infected devices can spread malware to other colleagues.
Check for software updates in the settings of a device and, when possible, set up automatic updates to patch any vulnerabilities as soon as possible.
4. Disable Bluetooth Connectivity
Similar to automatic Wi-Fi connectivity, Bluetooth connection presents four main cybersecurity concerns, as follows:
- Bluesnarfing is a type of cyberattack that steals information, including photos, text messages, or emails from a device via Bluetooth, which can often lead to identity theft.
- Bluebugging is a type of attack where a cybercriminal gains access to a user’s device using a secret Bluetooth connection to access private data, allowing them to impersonate a user.
- Bluejacking is when another device sends unsolicited phishing messages through Bluetooth, which can contain malicious links.
- Bluesmacking uses a specific denial of service (DoS) attack to force a device to shut down through oversized data packets. Once the device is shut down, hackers use bluesmacking as a gateway for further severe attacks.
Aside from disabling Bluetooth connectivity when not in use or in public areas, business travelers should also change settings to “Not Discoverable” and if needed, only connect with other known users or devices.
5. Lock Devices Down
In 2022, over 422 million individuals were affected by data compromises, including data breaches, leakage and exposure. Many of those data breaches originated from risky behavior, including leaving devices unlocked.
Most corporate employees have sensitive information on their devices. Remember to keep laptops, smartphones and tablets locked with a PIN or password and change them regularly. This prevents unauthorized people from accessing devices and protects any important communication or files. If a device is stolen or misplaced, passwords can act as the first line of defense in a security breach. Beware of shoulder surfing when you unlock your phone with a numeric-style pin in a public area.
See More: How to Gain Stakeholder Support for Cybersecurity Awareness
Stay Hypervigilant
As business travelers hit the road again, it’s important to understand their vital role in ensuring an organization’s data and sensitive information is safe while on the go. Cybercriminals are becoming more sophisticated, finding new attack vectors daily, and business travelers are on the front lines to keep data safe.
Remaining hypervigilant against cyber risks during travel is critical, and the responsibility typically falls on the employer. By following these practical steps, travelers can significantly mitigate their risk of falling victim to a cyberattack that could have devastating consequences.
What cyber safety measures do you take when you travel for business? Share with us on Facebook, Twitter, and LinkedIn. We’d love to hear from you!
Image Source: Shutterstock
MORE ON CYBER SAFETY
