As the holidays approach, many employees will be traveling to spend time with family and friends. This surge in holiday travel introduces unique cyber risks, presenting bad actors with opportunities to compromise enterprise network security and gain access to sensitive business data.
Increasing travel coupled with the rising number of cyberattacks make it imperative for both companies and employees to take actionable steps to remain cybersecure.
Here are three things companies can do to safeguard data security and privacy as employees travel and three things employees can do to stay cybersecure while traveling.
Companies
Provide cybersecurity training
Employees may not be as diligent about practicing good cyber hygiene when they travel. That’s why it is important to ensure cybersecurity is top of mind by continuously educating employees about cybersecurity measures to take during holiday travel.
A survey of North American business travelers commissioned by World Travel Protection revealed that few business travelers said their organizations require a cybersecurity training course before traveling and 1 in 10 said their company hasn’t asked them to take any cybersecurity measures while traveling.
To mitigate cyberthreats associated with travel, enterprises need to provide regular cybersecurity training to help employees avoid potential cyberthreats away from the office. This training should make employees aware of best cybersecurity practices when they travel including updating software to protect against malware, locking devices when not in use, enabling multi-factor authentication, and avoiding the use of publicly accessible computers during holiday travel.
Require VPN only remote access
Requiring the use of VPNs on devices helps secure data by creating an encrypted connection on public and private networks. The benefit of using VPNs is data security – when a remote employee sends data through a VPN, it is encrypted, so even if a hacker is able to intercept that data, they aren’t able to use it. Make sure employees have access to the company’s VPN and know how to use it.
Provide employees with secure mobile messaging technology
Providing employees with user-friendly mobile messaging tools that don’t compromise security or compliance eliminates the use of unsecure mobile messaging apps and optimizes employee work experience and productivity while keeping data secure, especially during holiday travel.
All-in-one mobile messaging platforms built for the enterprise are designed to enable secure business communication across multiple channels.
Using secure mobile messaging technology like this mitigates cyber and compliance risks in business communication wherever employees are. The technology reduces the attack surface, providing no point of entry for malicious hackers intent on accessing sensitive enterprise data.
Enterprise-grade mobile messaging platforms feature end-to-end encryption (E2EE), protecting data at rest and in transit and ensuring that only the sender and receiver can read messages. Secure by design collaboration technology like this provides employees with a convenient and frictionless way to share ideas, files, and data without compromising security or compliance. This is so important during holiday travel.
Employees
Avoid unsecure public Wi-Fi networks
During holiday travel, employees should avoid using widely available public Wi-Fi which presents security risks. Wireless networks available at airports, restaurants, hotels, cafes and other public locations are often unencrypted and unprotected, making enterprise data vulnerable to exposure and theft. A survey by Forbes Advisor found that 40% of respondents had their information compromised while using public Wi-Fi. The survey also revealed that the majority of people had their information compromised on airport or restaurant public Wi-Fi.
Turn off auto-connect and Bluetooth
Many devices have a setting to automatically connect to Wi-Fi and Bluetooth. Employees should turn off this feature to be cyber-safe as they travel. This can prevent connecting to unsecure public networks that can be set up by bad actors to download malware to a device. Disabling the auto-connect Bluetooth feature is also important to prevent cybercriminals from connecting to and hacking a device.
Avoid using public charging stations
Employees should also avoid free charging stations during holiday travel. While these charging stations may seem convenient, they can be infected by bad actors who load malware onto them to maliciously access electronic devices while they are being charged. Known as juice jacking, this exploit is a security threat at airports, shopping malls and other public places that provide free charging stations for mobile devices.
A Federal Communications Commission advisory provided some tips to guard against juice jacking including:
- Using AC power outlets to avoid any potential risks.
- Carrying an external battery.
- Carrying a charging-only cable, which prevents data from sending or receiving while charging, from a trusted supplier.
- Selecting “charge only” if a device is plugged into a USB charging station and a prompt appears asking the user to select “share data,” “trust this computer” or “charge only”.
Conclusion
By following these helpful tips, enterprises and employees can ensure cyber-safe during the holiday travel and throughout the year.