There was a time early in my career when I could leave home and go on a business trip leaving my job behind while traveling on a plane, only to land and have my pager ring, forcing me to run to a public telephone nearby to catch up with your work problems.
Phone booths are a thing of the past. In fact, if you want a good laugh, try showing a picture of a payphone to a Gen Z’er and ask him what is it?
Today, we are all interconnected, whether by cell phone, email, text or social media, and reachable 24/7, even when traveling at 30,000 feet. Travel security used to mean securing your purse or wallet, or your credit card, avoiding sleazy motels and crime infested areas. It is still important. But traveling safely today also means protecting yourself when using public Wi-Fi.
When I think back to the number of times I’ve jumped on a computer in a hotel business center without an ounce of concern, it gives me chills. I didn’t realize at the time that hackers could have used malware to steal my password after logging into my work email or checking the balance in one of my bank accounts.
Today, you need to protect your computer, tablet or mobile device like your online passport. You would never leave your passport or wallet lying around the lobby of a restaurant, airport or hotel to allow others to access your personal information. But by using an unsecured public Wi-Fi network while traveling, you could expose data that could make your online accounts vulnerable and put you at risk of identity theft.
Now more than ever, organizations face heightened cybersecurity risks when their employees travel for business. Business travelers are prime targets for cybercriminals because they often carry valuable data and don’t always pay attention to securing their devices.
Laptops, smartphones and tablets of business travelers are particularly vulnerable to data breaches, loss and theft. According to a study by Morning Consult on behalf of IBM Security, more than 1 in 7 travelers have had their personal information stolen while on the road or abroad.
Among the common cyber threats that business travelers may face are publicly accessible hotel computers – 64% of business travelers have used their login credentials to access accounts on public and hotel computers. Public computers often lack sufficient security capabilities and can be infected with malware just waiting to steal your information. Hotels specialize in hospitality, not information security.
Remember that there is no guarantee that the person who set up the business center or hotel Wi-Fi system actually installed, activated and updated the security features. It’s not their information they’re protecting, and they have no interest in protecting your information.
Hackers are finding innovative ways to gain unauthorized access to personal information or company data. However, one of the easiest ways to do this is to use an unsecured Wi-Fi network. According to IBM X-Force Incident Response and Intelligence Services (IRIS), 84% of business travelers connect to public Wi-Fi networks. Although convenient, public Wi-Fi networks are insecure and can allow cybercriminals to gain easier access to connected devices – as well as the data stored on them – than private Wi-Fi networks.
When a Wi-Fi hotspot is unsecured, it means that the data you transmit or receive is not protected. Anyone on the same network could spy on your information if they have the know-how. If you decide to use free public Wi-Fi, be careful about the types of sites you visit. It is best not to connect to sites that require a password.
The theft or loss of your electronic devices is a major threat for business travelers, as it can lead to the exposure of important data. Devices can be lost or stolen from airports, hotel lobbies, conference rooms or rental cars.
Neglecting cybersecurity when employees are on the road or abroad can be detrimental and costly for any business or organization. The cost of data breaches is rising rapidly, increasing by 10% year over year according to the CyberSecurity Ventures 2021 report. According to the latest Data Breach Report from IBM and the Ponemon Institute, the cost of a data breach in 2021 is US$4.24 million, a 10% increase from the average cost in 2019 which was $3.86 million.
Here are some countermeasures employers can implement to minimize cybersecurity risks for business travelers:
Establish Wi-Fi policies. Above all, employers should implement policies requiring employees to confirm network name and specific connection procedures with appropriate personnel before connecting to public Wi-Fi networks at airports or hotels. Sensitive activities, such as banking or confidential work-related projects, should not be conducted on public Wi-Fi networks. Employers should provide periodic refresher training to their employees. Auto-connect should also be disabled so that devices do not automatically connect to Wi-Fi networks.
Organize training on the physical security of digital valuables. Most travelers let their guard down once they arrive at their destination, but this can be one of the times when they are most vulnerable to theft. Employers should encourage business travelers never to leave their devices unattended. Employees should also be instructed to use strong passwords or multi-factor authentication capabilities, where possible, and to lock devices in hotel safes when leaving their rooms.
Exchange passwords. Encourage your employees to change their passwords before travelling. If someone needs to log into accounts with sensitive information – like social media, bank accounts, or email accounts – ask them to change to a new complex password before leaving, then ask- him to change it again when you get home.
Enforce the use of virtual private network (VPN). Through a VPN, all online traffic is routed through an encrypted virtual tunnel. Such a network reduces the risk of cyberattacks by establishing a secure connection between users and the Internet. Employers should create VPNs and require employees to use these networks whenever possible, especially when traveling for business.
Encourage employees to pack a minimum of devices. Leaving unnecessary technology at home can help reduce the risk of data theft or loss. Thus, employers should only allow employees to bring devices that are essential to performing their duties on the road or abroad.
Requires regular software updates. Cybercriminals usually look for security holes in outdated software. Updates are sent to fix software flaws and reduce the risk of attack from cybercriminals. Employees should be required to regularly update the software on all their devices.
Establish response plans. Employers must have specific response plans that outline the actions to be taken when devices containing confidential information are compromised, lost or stolen on the road and abroad. Business travelers often carry sensitive personal and business data on various electronic devices, making them vulnerable to cyberattacks. It is important to stay on your guard when traveling to best protect your personal and professional life safely.
Remember, there are hundreds, if not thousands, of hackers who want to shop with your credit cards.
Be safe my friends!