If your job takes you around the world, it’s always a good idea to have a global business travel checklist on hand to make sure that you stay safe. Between booking your flight and packing your bags, there’s a lot to keep track of. You probably have your packing list so you don’t forget to bring a couple of pairs of shoes with you. However, one area that many travellers (and their companies) often forget about is data security.
Yes, it may not be the first thing that comes to mind when you’re running late to the airport and have realized that you've forgot your phone charger but data security should be a top priority for both business travellers and their organizations. Data security has become a major concern for companies. With GDPR recently coming into effect and similar laws being enacted in some US states, data security has jumped up the priority list for many companies. With fines that can reach up to 20€ million or 4% of global revenue, it shouldn’t come as a huge shock that organizations have started paying attention.
When it comes to data security, business travellers are especially at risk. Unfamiliar with the local area and often carrying loads of valuable data, business travellers are a prime target for cybercriminals. That’s not mentioning the fact that they are far more vulnerable to accidental leaks like having their phone stolen, losing a credit card, or forgetting their laptop in a hotel room. On top of that, it can be much harder for businesses to ensure the security of their employees’ devices outside of the office. That’s why it’s crucial for companies to have a data security checklist available for employees who will be going on corporate travel trips.
If your business doesn’t have a checklist ready or if you’re just a traveller who wants to keep their data safe, these are nine traveling tips that you can use to keep your data secure when you’re off on a business trip:
1. Make sure that your devices are updated with all of the latest software
It can be annoying to go offline for 30 minutes when your laptop or phone needs an update. We get it (P.S. picking up a Chromebook could be a good idea if you hate long updates). However, these manufacturer updates are done for a reason. Often times that reason is that they discovered a security flaw in their software. Since many of these vulnerabilities quickly become known to cybercriminals, a device that doesn’t have the latest updates is an easy target. When you’re packing the night before, install all of those updates you’ve been putting off for the past few weeks.
2. Keep passwords strong and up-to-date
This could seem a touch obvious but you would be shocked at how many people have extremely weak passwords for their business accounts. So, make sure that your accounts have strong, up-to-date passwords.
What’s a strong password? Generally speaking, a good password will include a combination of letters, numbers, and special characters (like !, ?, %, or &). You can also use a password manager like LastPass or Dashlane (learn more about LastPass and other Chrome security extensions here) to automatically create secure passwords for you.
3. Enable two-step verification
First off, what is two-step verification? Two-step verification is a process that only allows users access to an account if they can confirm their identity using a combination of two of the following factors: something they know, something they have, and something they are. It may sound confusing but, in practice, it’s quite simple. For example, after typing in your email password, two-factor authentication would require that you input a code that is sent to you via SMS or that appears in an authenticator app on your smartphone (some good apps for this are Google Authenticator, Authy, and Microsoft Authenticator).
Why is it helpful? Well, now someone will need your email password and have access to your smartphone in order to log into your accounts. This extra layer of security helps you keep anyone who managed to crack your password out of your accounts and gives you extra time to change that password from “123456” to something a bit more secure.
4. Disable Bluetooth
Bluetooth is really handy. You can pretty much connect your device to anything nowadays. The problem is that it goes both ways. Pretty much anything can also connect to your device. For those looking to have a peek inside your phone or laptop, having your Bluetooth enabled gives them that chance. That’s why it’s a good idea to keep it turned off when you’re not actively using it.
5. Encrypt your devices' storage disks
This is a good idea regardless of whether you’re traveling or staying in the office. Encrypting your disks converts your data into unreadable code. The only way to access the data is to have the decryption key. In the real-world, that means if you lose your laptop or phone, having the disk encrypted will make hard for anyone else to read your files.
6. Avoid connecting to public wifi or using public computers
Public wifi can be tempting. The problem is that public wifi networks are often some of the most unsecure out there. Many of them lack the necessary encryption to keep your data safe, leaving your information open to hackers. Another reason to avoid these networks is because cybercriminals can also set up wifi hotspots in public areas that pretend to be official free wifi. Don’t risk falling victim and play it safe.
The same thing goes with public computers. They could have keyloggers, a kind of software that tracks you as you type to get your usernames and passwords, and other types of malware installed on them. You can’t be sure who was using them or how they’ve been used. That’s why they should be avoided at all costs.
7. Use a VPN
If you find yourself in a situation where you have to use public wifi, there is a way to keep yourself safe. Using HTTPS in your web browser can help but a virtual private network (VPN, for short) is a much better option. Unlike the public wifi and HTTPS, a VPN will encrypt all of the data coming to and from your device, keeping it safely away from any prying eyes.
8. Use secure, cloud-based tools instead of a physical device
There’s always a chance that you’ll lose your phone or drop your laptop. Those odds become even greater when you’re traveling and running between meetings, events, and other appointments. If you have all of your files saved directly on your physical laptop or phone, you’re presented with an obvious problem. If you lose it, those files are gone and, if it gets stolen, you’re in even bigger trouble.
Nowadays, there is almost no reason not to store your files in the cloud. With cloud technology, personal computers and phones are disposable. You can misplace or wipe these devices at any time while not losing any sensitive work-related data. Even better, you can be up and running on a new device in only a few minutes.
As many public cloud providers, like Google, have advanced security features, you’re able to revoke the access of a lost or stolen device as soon as it goes missing. In addition, these providers use the most cutting-edge security to ensure that all your corporate data is safe and sound in the cloud.
9. If you’re traveling to an especially risky area, use a "burner” phone and/or laptop
If you’re traveling to a country or city that is especially risky, consider leaving your main phone at home and bringing a temporary “burner” phone. A burner phone is a phone that doesn’t contain any personal information that could be compromised if it is lost, hacked, or stolen. With your personal phone, even seemingly unrelated information, like contacts, personal emails, and past phone calls, can be used to trick family members or colleagues into divulging sensitive data. Using a burner phone can greatly reduce those risks.
The same principles also apply when it comes to your laptop. That’s why bringing a Chromebook is a great alternative to traveling with your regular workstation. Unlike your main PC or Macbook, Chromebooks come with a lot of the security features that you need to stay safe already built into them (which is also why they make great main laptops). They run using the most secure operating system, Chrome OS, have disk encryption, and are disposable. By disposable we mean that you can easily wipe the laptop’s storage at any time. A feature that is very convenient if you happen to forget it (along with all the files from your company’s new joint venture) in the airport bathroom.
There will always be security risks for business travellers in both the virtual and physical worlds. While nothing can guarantee complete data security, these nine steps will help you minimize your risk of falling victim to hackers. Whether you print it out, add it as a note on your phone, or write it down, make sure that you go through this checklist so you can ensure that your next trip is a safe one.