Thanks to the cloud and great online collaboration and communication tools, it’s no longer a problem to work from literally anywhere. In the summer, from the beach, if the nature of the profession allows it. But greater flexibility also means some cybersecurity risks. How to deal with this?
Travelling for work is a pleasant diversion for many employees, but it also brings with it increased risks from cyberspace. Whether your employees are travelling for business meetings, conferences or business trips, it’s important to ensure they are as protected as possible from cyber threats.
That’s why travel security should be an integral part of your company’s cybersecurity policy. By following these recommendations, you can minimize risks and ensure that your employees are safe wherever they are in the world. Implementing effective measures will contribute to the overall protection of your company data and keep your business running without any unpleasant interruptions.
So here are some tips for ensuring security while travelling that should be part of your company policy.
1. Secure Wi-Fi Connection
Public Wi-Fi networks, such as those in hotels, cafés or airports, can easily be hacked or spoofed. Instead, encourage your employees to use mobile data (and give them an unlimited plan), or require a secure VPN connection if you already need to use public Wi-Fi.
Wi-Fi networks that don’t even protect passwords should be absolutely unacceptable.
2. Device Encryption and MDM
According to a fresh survey this year, up to 70% of data leaks are somehow linked to laptop theft and 29% of laptops are stolen while on business.
Employees should therefore check that their devices are encrypted before leaving. This includes not only laptops, but also mobile phones or tablets. This way, if a device is lost or stolen, data will be protected from unauthorised access. From personal experience, we recommend the BitLocker encryption tool for Windows devices. It is already part of the operating system, for which it is therefore best suited.
And one more little thing that can have big positive consequences. Use MDM (Mobile Device Management) to manage your equipment, or activate the Find Device feature. Then a user or administrator can locate, remotely lock or wipe a specific machine.
3. Software updates
Make sure all devices have the latest security updates. Software updates contain fixes for security vulnerabilities that can otherwise be exploited by hackers.
If you don’t have an in-house IT department, leave it in the hands of experts and you won’t have to deal with it anymore. An expert IT outsourcing company will make sure you always have the latest updates on all your devices.
4. Use strong passwords and multi-factor authentication
Set up a strong password policy in your company. Require employees to use strong and unique passwords for every device and service they use. Multi-factor authentication adds an extra layer of protection by requiring a second authentication step, such as a code sent to a mobile phone app or a biometric. Set it up wherever possible.
And if you can, avoid passwords altogether. Switch to modern and more secure passwordless logins.
5. Caution when connecting USB devices
USB devices may contain malware. Warn your people not to connect unknown USB devices to company computers. If any such equipment needs to be used, it should be scanned for malware first.
It is also a basic policy to avoid public chargers at airports or shopping malls – everyone should only connect their devices where it is safe to do so. Instead, give employees power banks for Christmas. That way, they can keep their phones or tablets charged on the go without the risk of information being stolen.
6. Backing up your data
Make sure all employees back up their data regularly. Or bet on the cloud. These services can be a great option if they are properly secured and encrypted. That way, if you lose hardware, you’ll still have access to important files and data.
7. Physical security
However, physical security is still related to cyber security. Users should be vigilant and never leave their devices unattended. They should use safes in the hotel and carry everything with them in public places.
Leaving a laptop unlocked and leaving not only the machine but also its contents at the disposal of thieves should be a no-brainer.
Tip: For added security, you can also equip employees with various gadgets that further increase protection.
8. Education
Regular training on current threats and cybersecurity best practices is crucial. Everyone in the company should be informed about the risks of phishing, social engineering and other techniques used by cyber attackers.
If you need to set up a company cybersecurity policy, implement the necessary measures and manage endpoint devices, feel free to give us an echo. We’re here to help you protect your data and systems.