We’re all guilty of only engaging with employees when we need something. It could be that we want them to complete a training module or perhaps check a particular box for a compliance requirement. Well, summer is here, and it’s a great opportunity to provide employees with helpful security tips beyond cybersecurity housekeeping!
We’re providing this handy checklist to add value for your employees while they travel and spend time with family and friends. Feel free to copy and paste the whole thing, or choose the parts that work for you, and send it to employees in your next security communications outreach.
Some of these tips may sound straightforward or obvious, but we all get distracted and none of us are completely immune from making mistakes, so it’s important to get a refresher from time to time!
You deserve a break – but don’t forget to stay vigilant!
No one wants to think about crime and theft when they’re on summer vacation, especially after the long months of COVID-19 lockdown and pandemic-related stress. But unfortunately, attackers don’t take time off, and unlike school – criminals are always in session.
While you’re enjoying your break from the day-to-day, here are 5 tips for ensuring you don’t raise the risk levels while you lower your guard.
5 simple guidelines to a secure summer vacation
#1. Use mobile data plans or secure WiFi
82% of people say that when they’re out and about, they will connect to any free public WiFi that’s available. 71% continue that they are “not concerned at all” about the associated security risk. While away from home, mobile data can incur heavy charges, and public WiFi might seem appealing. However, for hackers, the abundance of new victims with little knowledge of security is also appealing.
- Man-in-the-middle attacks: A hacker stands between you and the WiFi network, impersonating the network to gain access to your information. This happens due to unsecured connections, and all open WiFi networks are unencrypted.
- Rogue access points: These can be installed on the network by attackers, and may impersonate real websites to trick users into giving up their credentials. They can be almost impossible to spot.
- Malware injections: If someone with malicious intent shares the same public WiFi as you, they can plant malware or other viruses onto your device. This could be ads, trojans, worms, or even ransomware, all remotely downloaded onto your device.
Practical tips for internet safety abroad:
- Use a VPN: Only 1% of people secure their use of public WiFi by using a Virtual Private Network (VPN). Avoid connecting to public WiFi if possible, but if you have no other choice a VPN can help to secure your connection. If you’re not sure which VPN software to use – why not reach out to the Security team to ask which ones they have vetted or would recommend?
- Choose websites carefully: If you do need to use a public WiFi connection, never log in to password-protected websites that ask for or contain sensitive information — for example, your internet banking or social networking sites, or even your email. Only use your credit card with known brands, and never on a website that doesn’t have HTTPS encryption.
#2. Leverage family safety features or apps
Let’s face it – a vacation with kids might be stressful. Whether it’s babies and toddlers who can’t be let out of your sight, or worrying about older teens who are exploring a new location alone, it can be tough to relax when you’re worried about your children!
Technology can help you to stay alert on their location and wellbeing, giving them the freedom to explore without adding to your stress levels!
Here are a few tools that can help you keep track. Remember, these features and applications require your kids’ consent to use. Why not use this opportunity to discuss the risks of being away from home, create an action plan for if they got lost or run into difficulties, or even open up a wider conversation on safety both online and off?
- Mobile apps: Try the FindmyKids GPS tracker for Android or iOS, which allows you to securely track the location of your children via GPS. Apple and Android both offer parental controls – family safety features that can track activity online, too.
- Wearables: Worried about younger children? Try a device like Jiobit, a small GPS tracker that can fit just about anywhere (belt loops, shoelaces, straps, etc.), or a tracking watch like Xplora X5 Play, which doesn’t require a SIM and costs roughly $170. As long as your child has this watch on, you’ll be able to track their real-time location. Plus, you can create alerts for when your child leaves an area so that you know they’re on their way back.
#3. Protect yourself from thieves
More phones are lost in July than in any other month, with the summertime a popular season for pickpockets and thieves. Perhaps more worrying still – Kaspersky found that 28% of people have no way to recover the files that are on their devices. This is more than simply holiday snaps. Boarding passes, travel documentation, reservations, maps, and more are on a travelers mobile phone when they’re on vacation. Today, as so many employees use their phones for work, you may also be at risk of losing sensitive corporate data.
Here are a couple of simple, yet powerful, things you can do to protect yourself.
- Screen lock: 28% of users aren’t even utilizing screen lock. The best practice is to use a 6 digit PIN or a biometric sensor. If you opt for a swipe lock you should choose a random one, not a letter for example. 77% of users start their swipe pattern in one of the corners, with 44% choosing the top-left corner.
- Backup: Back up your information! Google Drive or Apple’s iCloud can be used to back up anything from your camera photos to your documentation. You might even want to invest in a paid account that would store photos in high resolution.
- Hard copies: We’re glad you’re on vacation – but we want you back! Ensure your travel documents aren’t limited to digital and locally on your device, keep them secured and backed up on the cloud, as well as with a printed copy in a safe place, preferably the hotel safe!
#4. Limit exposure in your social media accounts
Letting the whole world know that you’re heading on vacation is a great way to let burglars know that your home is sitting empty. We all want to share our holiday snaps and updates with our friends and family – but think smart when it comes to social media coverage, with these precautionary steps:
- Friends only: Limit your social media account, even if it’s just for the duration of your trip. On Twitter for example you can make your tweets followers only, while on Facebook you can change permissions to Friends, rather than public or even Friends of Friends.
- Think about what you share: “Vacation time! 🌞😎🏖️” tells a burglar much less than “Off to Spain, back in 2 weeks! (Key under the plant pot)” We’re kidding but you get our point.
#5. Use official websites only
When we finalize our travel plans, we expect to receive email confirmations and updates from airlines and hotel representatives. Hackers know this, and craft phishing emails pretending to be our hospitality rep, with instructions to finalize a reservation or reset our password. In the flurry of activity in the lead-up to a vacation, none of us are at our most careful. Phishing emails often target accounts like credit cards and frequent flyer logins, where valuable financial information can be harvested.
When traveling, every phishing email about vacations would seem contextual. An email about flight delay has a higher chance of grabbing our attention even if it’s from the wrong airline. Official notifications about your bank account, your itinerary, or even those with poor English and grammar due to being sent from a holiday destination have a higher chance of making it past your defenses.
Two tips for consuming travel notifications safely:
- Use the app. Most airlines and often even hotels have their own app that will alert you to changes and updates. Install it immediately, so that you’re not reliant on email.
- Don’t click! Instead of clicking on any notification from an email, take a step back. Leave the email, head to your browser, and type in the official website URL. Then look for the required action directly. It’s an added step, but it eliminates risk.
Work hard, play hard
Don’t let the threat of criminals and thieves ruin your well-earned time off. We hope these tips and tricks are helpful, and that you have an awesome vacation! If you have any other questions about staying secure on and offline, please don’t hesitate to reach out!