Now that the temperature is rising, many employees are considering spending time away from their desks. You may be more inclined to head to a conference in Barcelona or take a trip with your family, but always keep your company phone with you.
Whether you’re flying or enjoying a staycation closer to home, moving your business away from your usual workplace brings a host of new security risks. These include unsecured Wi-Fi networks, infected public charging ports, and Bluetooth attacks.
So if you're heading off on vacation with a laptop in hand this summer, TechRepublic spoke to experts to find out the best tips for securing your digital devices and business data.
SEE: Essential Travel Tips for Business Professionals from TechRepublic Premium
1. Consult the internal security team before traveling
Tim Rawlins, senior advisor and security director at NCC Group, said it is important to speak to your company's security team before travelling with work devices to ensure you are aware of all policies and processes.
“Working abroad is not always allowed; there may be visa issues or security restrictions like geo-blocking and data sovereignty issues that you may not have considered,” he told TechRepublic.
“Stay informed about local conditions and be aware of common scams and threats in the area you are visiting. Immediately report any suspicious activity or potential security breaches to your organization’s IT or security team.”
2. Don't use public Wi-Fi networks
Martin Lee, head of EMEA at cybersecurity firm Cisco Talos, told TechRepublic in an email: “It's always tempting to save on data roaming fees and allowances by joining public networks or Wi-Fi. However, it may be worth considering paying extra rates to protect your data.”
“Shared public networks can be shared with untrustworthy people, or a seemingly free network can be a malicious decoy network set up to fool the unwary. A criminal spying on a network can steal cookies or session tokens to gain access to your confidential services.
“Alternatively, an attacker can create a man-in-the-middle attack to impersonate a key system while intercepting and modifying data.”
3. Use a VPN
VPNs can be used on phones connected to local cellular networks abroad, as well as on laptops. Trevor Horwitz, founder and CISO of TrustNet, told TechRepublic in an email: “By encrypting your data before it leaves your device, a VPN ensures that any intercepted data remains unreadable.”
“Another advantage of VPN is the ability to hide your location by assigning yourself a new IP address. This helps bypass restrictions imposed by the Wi-Fi provider and improves online anonymity.”
SEE: Top 5 VPNs for Travel in 2024 (Free & Paid VPNs)
4. Keep devices out of sight when traveling
“When traveling, keep your devices out of sight,” Lee advises. “Be aware of your surroundings when using devices. Thieves are very good at grabbing devices in crowded areas and stealing them away when attention is elsewhere.”
Rawlins said to be especially careful when using a phone's mapping app to navigate. “Phones are often stolen on the street by criminals on e-bikes, or when the doors are about to close on public transit,” he told TechRepublic in an email.
5. Use dedicated work devices or virtual desktop solutions
Horwitz told TechRepublic that frequent travelers should consider having a dedicated work device that only contains the data and features needed for their trip. “This strategy enhances security by isolating travel activities from primary devices, allowing for tighter security measures and reduced risk,” he said.
“Before and after your trip, wipe down dedicated devices and return them to a clean state. Finally, be sure to review and analyze any suspicious activity that may have occurred while you were traveling.”
All data stored on a work device should be encrypted and backed up. Horwitz says it’s best to store backups in the cloud rather than on an external drive, so you can access a copy when you’re away if needed and have it updated automatically.
You may also want to consider using a virtual desktop solution that remotely connects to a device in the office. According to Horwitz, “All information and files used are stored in the virtual environment and not on the local device. If a device is stolen, there should be no data accessible.”
6. Secure work equipment
To ensure the security of the devices you carry with you, start by setting their built-in security settings and antivirus software.
Rawlins told TechRepublic: “Protect your devices with strong, unique passwords and enable biometric security features where possible. Also update your software, especially the operating system, to the latest available version.”
“Enable two-factor authentication on all your accounts, especially your email where password reset emails are sent, but use an authenticator app rather than an SMS or email sent to your phone.”
Andrew Lungsden, a security consultant at Forge Secure, added in an email: “Reducing the number of login attempts before an account is locked can also prevent someone from guessing a bad password.”
He also recommended using personal firewalls, which monitor and filter incoming and outgoing network traffic. “This helps reduce the connections your laptop might present to an untrusted Wi-Fi network and reduces the number of potential targets for your device,” Lungsden said.
7. Use a privacy screen
Lungsden said: “If you’re working on projects that contain customer information or sensitive data, having someone sitting nearby looking at your screen can be a problem.
“You can reduce this risk by installing privacy screens on your laptop or mobile device. This is a screen protector that hides your screen from anyone who isn’t looking at it directly and can add a little extra protection to your company data.”
8. Disable USB ports
According to Lungsden, “The USB ports on your device can be disabled. It only takes a few seconds for a USB device to be plugged into your laptop, a program to run automatically, and your device to be compromised. There's also a good chance that you don't need USB ports when you're traveling.”
“If you turn them off before you travel, it can help eliminate a potential risk.”
9. Configure device lock and remote wipe features
There is a higher chance that a thief will get hold of your work device when you are traveling with it, and it may also be unlocked at that time. Therefore, don’t forget to configure its lock settings.
Lungsden said: “You can set a short lockout time and also ensure that the account will be locked when the laptop is closed. This can reduce the risk of your account being accessed.”
He added that remote lock and wipe features can be useful in the event of theft, as they can help ensure data is protected. “Many device management systems offer features like this,” Lungsden said.
10. Be careful with rental accommodations
Lee said: “When booking accommodation, double check that the booking site is the real deal and not a clone site that will take your money but not provide a valid booking. Never agree to pay for accommodation outside of the official booking mechanism, you will have no recourse to get a refund if the booking is fraudulent.”
When staying in a rental property, it’s important not to leave valuables or devices unattended, even in a locked room. “Room keys may have been cloned or stolen,” Lee said.
At the end of your stay, it’s important to log out of all devices, such as smart TVs, and not save any login details. “Otherwise, subsequent guests could have access to your accounts,” Lee added.
