Don’t let a cybersecurity incident ruin your holiday season. Follow the tips below to help keep both your company-issued and personal devices and data safe during your holiday travels:
- Lock your devices. Lock your laptop and mobile devices using a fingerprint/face ID or PIN. This is your first line of defense if your device is lost or stolen.
- Physically secure your devices. Never leave your device unattended. Do not put devices in checked luggage or leave them in hotel rooms. If you use your laptop in a public space consider using a privacy screen and a locking cable.
- Use your own power adapters and cords. Public USB ports may contain malware that an attacker can use to access your devices. This could include USB ports in airports and hotel lamps.
- Report lost and stolen devices. Immediately notify your company’s security officer or IT department if your company-issued device is lost or stolen.
- Avoid public WiFi and disable auto-connect. Free WiFi is vulnerable to cyber-attacks. Turn off any auto-connect features on your devices to avoid inadvertently joining public WiFi. Turn off Bluetooth too as attackers can use this to gain access to your device.
- Change your passwords. Before you travel, change passwords that you regularly use. Then change them again when you get home. Avoid using the same password on multiple sites. Use multi-factor authentication whenever possible.
- Ensure your operating and security systems are up to date. This includes systems on your laptop and mobile devices (including apps). Using the latest anti-virus software is an effective way to protect your data. For company-issued devices, only use programs approved by your company.
- Encrypt. Encrypt sensitive information on mobile devices. Laptops should have full-disk encryption.
- Back-up your data. Before you travel, make sure your personal data is backed-up and secure. Check your company’s data back-up policies for information related to your company-issued devices.
- Follow policies and procedures. Whenever you travel, ensure that you remain compliant with your company’s security policies and procedures to protect your company-issued device and data.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.