Virtualization Technology News and Information
8 Cybersecurity Summer Travel Tips IT Teams Can Share with Employees


By Corey Nachreiner, CSO at WatchGuard

If you're a savvy traveler, you probably have a checklist to make sure you have everything ready before you go on vacation: flight, hotel, swimwear, flip-flops, a good list of places to visit, restaurants where you want to go for dinner, and plans with family and friends. 

If you're an IT professional, you might want to think about sharing a different checklist with your fellow employees, one that helps ensure both the company and their identity, network and information are secure, too? Today I'm sharing eight summer travel tips to share with employees before, during and after vacation. Ensure your team follows these tips so everyone can enjoy a #CyberSafeSummer: 

1.      Personally secure your essential files: At most workplaces, the IT or security department should already be handling some secure backup for you. If you don't know their backup policy, you may feel better by creating a personal backup of your important files for yourself. You can do a one-time backup by copying all your files and documents you've stored on your computer to another place. Backups should exist remotely, not locally, so one easy way to accomplish this is just transferring a copy of these files to a USB storage device. Backing up will ensure that you can return all your files to the exact state you left them when you return, in case anything goes wrong while you're gone. That said, be sure to check with IT first, as it's a waste of time to do this if they are already backing up for you, and they may have policies around moving files off your corporate computer. 

2.      Shut down all your computers and devices that aren't in use during your vacation: Nowadays, many of us leave our work and home computers, as well as many IoT devices, on at all times since we use them every day. It's quicker and easier to have them up and ready. However, if you won't need to connect to them during your vacation remotely, turn them off! When a device is on, it's also online, leaving it open to attack (depending on your protections). If it's off, it can't get hacked. If you aren't using it for many days or weeks, why not just shut it off to avoid any chance of an attack?

3.      Update before leaving the office: Not updating software as recommended can open the door to vulnerabilities. Before leaving for vacation, perform all pending system updates, and be sure to review any pending updates and apply them as soon as you return. Again, your IT department usually has processes or tools that force and automate updates. If that's the case, you may not have to do anything. However, sometimes these automated solutions ask the local user if they can update and reboot. So be sure to approve the updates before leaving.  

4.      Avoid accessing your corporate email from public networks without the proper protection: Your hotel or Airbnb probably has a public Wi-Fi network. Avoid using a public network if you need to access your corporate email or company documents during your vacation. Try to at least use a Wi-Fi network with a password to offer some essential protection from the general public. Nowadays, with increased remote work, IT and security departments do not totally ban the use of public networks; however, they impose requirements to use them. Public Wi-Fi networks have become a reality for many traveling workers, but you need to make sure you employ protection on your computer when using them. 

5.      Download only reliable apps: You may want to download a game or an app to edit your vacation photos and videos during your free time. Be very careful if you use the same device for leisure as for accessing email or corporate applications. Malicious apps can access all the data on your phone, including your company's data. If you want to download an application, only do it from known 1st-party sources and repositories. For instance, only get apps from the official Apple or Google stores on mobile devices. Or only download through the Microsoft or Apple App stores for computers. People run into the most trouble with malicious apps when they download things from non-official sources. Also, don't pirate. Besides being illegal in most countries, few things are free, and many pirated apps come with malware.  

6.      Protect your identity: Provide the least required information to achieve the task. Don't be afraid to ask what the information requested will be used for. Is it necessary to provide a scan of your passport or credit card? Do they need to write down your credit card number, expiration date and security code after making a successful payment? Consider the outcomes before disclosing any personal information you want to keep secure. 

7.      Enable two-factor or multi-factor authentication (2FA/MFA) whenever you can: Attackers have many ways to steal your passwords. Perhaps they acquired the password by phishing you. Maybe they hacked a site you visited and got your password from there, and if you use the same password in other places, this is a problem. Malware can steal passwords too. However, MFA can save you even when an attacker knows your password. This makes it much more difficult to hack into your accounts even when threat actors steal your credentials, and, best of all, you get warned that an attempt is being made to gain unauthorized access to one of your services. 

8.      Don't get caught in a phishing attack: Even though it's summer, cybercriminals are still on the prowl and you could receive a phishing attack at any time. If you receive a suspicious email about an urgent password change, a payment to a supplier that can't wait, or anything else strange and suspicious, beware! Even if it comes from a known contact, it could be phishing. Verify the sender's address and, if in doubt, do not reply to the message or open its links or attachments. 

Don't let preventable cybersecurity issues like enabling MFA, updating and shutting down devices, being alert about phishing messages, and securing your identity and files ruin your summer plans. Everyone should appreciate the valuable time of relaxing with family and friends, be sure to share these eight tips with your employees so everyone can stay worry-free and enjoy a #CyberSafeSummer. 



Corey Nachreiner, Chief Security Officer, WatchGuard

Corey Nachreiner

Recognized as a thought leader in IT security, Nachreiner spearheads WatchGuard's technology vision and direction. Previously, he was the director of strategy and research at WatchGuard. Nachreiner has operated at the frontline of cyber security for 16 years, and for nearly a decade has been evaluating and making accurate predictions about information security trends. As an authority on network security and internationally quoted commentator, Nachreiner's expertise and ability to dissect complex security topics make him a sought-after speaker at forums such as Gartner, Infosec and RSA. He is also a regular contributor to leading publications including CNET, Dark Reading, eWeek, Help Net Security, Information Week and Infosecurity, and delivers WatchGuard's "Daily Security Byte" video on Facebook.

Published Tuesday, July 26, 2022 7:33 AM by David Marshall
Filed under: ,
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<July 2022>