Now that the weather is starting to get warmer, many workers may be considering spending some time away from their desks. They may feel more inclined to go to that conference in Barcelona or take a trip with the family, but always keep the company phone number handy.
Whether you're hopping on a plane or enjoying a vacation close to home, moving your business away from your usual workplace brings a host of new security risks, such as unsecured Wi-Fi networks, infected public charging ports, and Bluetooth attacks.
So if you're heading off on vacation with a laptop in hand this summer, TechRepublic spoke to the experts to find out the best tips for keeping your digital devices and company data safe.
SEE: Essential travel tips for business professionals from TechRepublic Premium
1. Check with the internal security team before traveling.
Tim Rawlins, senior advisor and director of security at NCC Group, said it's important to speak to your company's security team before traveling with work devices to make sure you're informed about policies and processes.
“Working abroad isn’t always allowed; there may be visa issues or security restrictions like geo-blocking and data sovereignty issues that you may not have considered,” he told TechRepublic.
“Stay informed about the local situation and be aware of the most common scams and threats in the region you are visiting. Immediately report any suspicious activity or potential security breaches to your organization’s IT or security team.”
2. Do not use public wifi networks
Martin Lee, head of EMEA at cybersecurity firm Cisco Talos, told TechRepublic in an email: “There is always the temptation to save on data roaming fees and allowances by joining public networks or WiFi. However, it may be worth considering paying additional fees to keep your data safe.”
“Shared public networks may be shared with suspicious individuals, or a seemingly free-to-use network may be a malicious spoof network created to fool the unwary. A criminal spying on a network can steal cookies or session tokens to gain access to your sensitive services.
“Alternatively, an attacker can create a man-in-the-middle attack to impersonate a key system while intercepting and modifying data.”
3. Use a VPN
VPNs can be used on phones connected to local cellular networks abroad, as well as on laptops. Trevor Horwitz, founder and CISO of TrustNet, told TechRepublic in an email: “By encrypting your data before it leaves your device, a VPN ensures that any intercepted data remains unreadable.
“Another advantage of VPN is the ability to mask your location by assigning yourself a new IP address. This helps to bypass restrictions set by the Wi-Fi provider and improves online anonymity.”
SEE: Top 5 VPNs for Travel in 2024 (Free and Paid VPNs)
4. Keep devices out of sight while traveling
“When traveling, keep devices out of sight,” Lee said. “Be aware of your surroundings when using devices – thieves are experts at stealing devices in crowded areas and sneaking them away when your attention is elsewhere.”
Rawlins said you need to be especially vigilant when using your phone's maps app for directions. “Phones are often snatched by criminals on the street on electric bikes or when doors are about to close on public transportation,” he told TechRepublic in an email.
5. Use dedicated work devices or virtual desktop solutions
Horwitz told TechRepublic that frequent travelers should consider having a designated work device that contains only the data and functions necessary for their trip. “This strategy improves security by isolating travel activities from primary devices, allowing for tighter security measures and reduced risks,” he said.
“Before and after traveling, wipe dedicated devices and restore them to a clean state. Finally, be sure to review and analyze any suspicious activity that may have occurred during your travels.”
All data stored on a work device should be encrypted and backed up. Horwitz said it's best to store backups in the cloud rather than on an external drive, so that a copy can be accessed while away if needed and is automatically updated.
Another option is to use a virtual desktop solution that connects remotely to a device in the office. Horwitz said: “All the information and files they use are stored in the virtual environment and not on the local device. In the event that a device is stolen, there should be no data to access.”
6. Safe working devices
To ensure the security of the devices you carry with you, you should start by installing built-in security settings and anti-virus software.
Rawlins told TechRepublic: “Keep your devices protected with strong, unique passwords and enable biometric security features wherever possible. Also, update your software, particularly the operating system, to the latest available version.
“Enable two-factor authentication on all your accounts, particularly your email, where password reset messages are sent, but use an authenticator app instead of a text message or email sent to your phone.”
Andrew Lungsden, a security consultant at Forge Secure, added in an email: “Reducing the number of login attempts before an account is locked out can also prevent someone from guessing an incorrect password.”
He also recommended using personal firewalls, which monitor and filter incoming and outgoing network traffic. “This ensures that the connections your laptop might present to an untrusted Wi-Fi network are reduced and helps reduce your device as a potential target,” Lungsden said.
7. Use a privacy screen
Lungsden said: “If you are working on a project that has client information or sensitive data, having someone sitting nearby looking at your screen can be a problem.
“You can reduce this risk with some privacy screens for your laptop or mobile device. These are screen protectors that hide your screen from anyone who isn’t looking directly at it and can add a little extra protection to your company’s data.”
8. Disable USB ports
Lungsden said: “Your device's USB ports can be disabled. It only takes a few seconds for a USB device to be plugged into your laptop, a program to automatically run, and your device to be compromised. It's also very likely that you don't need USB ports while traveling.
“If you turn them off before embarking on any trip, you can help eliminate a potential risk.”
9. Set up device lock and remote wipe features
There's a higher chance that a thief will get hold of your work device when you're traveling with it, and it might also be unlocked at the time. So remember to set up your lock settings.
Lungsden said: “You can have a short lockout period and also make sure the account is locked when the laptop is closed. This can reduce the chance of someone accessing your account.”
He added that remote locking and wiping features can be useful in the event of theft, as they can help ensure data is protected. “Many device management systems offer features like this,” Lungsden said.
10. Be careful with rental accommodations
Lee said: “When booking accommodation, check that the booking site is the real deal and not a cloned site that will take your money but not provide you with a valid, recognised booking. Never agree to pay for accommodation outside of the official booking mechanism – you will have no recourse for a refund if the booking is fraudulent.”
When staying in a rented accommodation, it is important not to leave valuables or devices unsecured, even in a locked room. “Room keys may have been cloned or stolen,” Lee said.
At the end of your stay, it is important to log out of all devices, such as smart TVs, and not store any credentials. “Otherwise, subsequent guests could access your accounts,” Lee added.
