With the great powers of the Internet have come great opportunities—for both everyday workers and the hackers who would happily steal said workers’ information for their own personal gain.
As Harvard Business Review recently reported, hackers are increasingly emboldened by the likes of spymail, which is malicious email that transmits the recipient’s location and online activity to hackers when opened. Businesses are increasingly at risk of compromised email—the FBI reported earlier this year that associated losses have risen by 1,300% since January 2015, to the tune of $3 billion globally.
Scammers use the information they gather to develop phishing emails or phone calls directed at business executives or their teams in order to access sensitive data about the company and its employees. These scams have proven to be particularly effective when a team member is traveling, because it makes it more difficult to determine the legitimacy of an email. Medical companies, attorneys, accountants, and companies that frequently send money overseas are scammers’ most frequent targets, but virtually any businessperson’s information is at risk.
If you ever travel for work (or simply use your work email while traveling), following the steps below can help ensure that your sensitive information doesn’t fall into the wrong hands.
Install updates and download security software before you leave.
If you’ll be using any software during your trip, make sure you’ve installed the most recent version, which will include security updates. If you don’t already use anti-virus and anti-malware software, start using them before your trip—and add spymail protections to your computer’s firewalls and email’s spam filters while you’re at it.
It’s also a good idea to disable any apps that you won’t need to use during your trip. In particular, consider deleting sensitive apps (such as banking apps) and reinstalling them when you get home. Finally, it’s also important to conduct a full system backup of your devices before you leave—this will ensure you don’t lose valuable documents or information in the event that your device is lost or stolen.
Use strong passwords.
Before leaving for a trip, make sure you are using secure passwords on any device you plan to bring along and for any accounts you plan to log into during the trip. Enable lock screen passcodes on your tablet and/or smartphone, and password-protect your laptop’s hard drive. Make sure you’re using secure passwords at all times, and never use the same password for multiple accounts or devices. Finally, remain aware of your surroundings whenever you log into a device or an account—e.g., look to make sure no one is watching over your shoulder as you log in.
Avoid unsecure connections.
It’s tempting to use free Wi-Fi connections—after all, they’re free (and convenient). But using these is like making yourself a sitting duck for hackers. Any time a connection doesn’t require a password, the connection is unsecure and anyone else on the network could theoretically access your information. So it’s best to avoid these connections entirely. In lieu of unsecure connections, consider using a VPN (Virtual Private Network) or password-protected Wi-Fi networks.
If you must use an unsecure Wi-Fi connection, then take additional security measures to best protect your information. Try to use encrypted HTTPS connections on any websites you visit. (Simply add an “s” to the end of “http” in a website’s URL to see if a more secure connection is available.) Try to avoid logging into bank accounts or any other accounts with sensitive information, and log out of any apps or accounts as soon as you’re done using them.
Logout of apps and devices when not in use.
This is a simple strategy, but an effective one. Regardless of your type of internet connection, regularly logging out of apps and devices will make it harder for hackers to track your whereabouts and activities. Additionally, it will make it more difficult to access your sensitive information in the event that your devices fall into the wrong hands.
Use a travel-specific email.
Close your eyes and imagine the damage that could be done if all of the information contained in your work email account was accessed by someone with malicious intent. Now you understand why it’s valuable to avoid using your regular work email entirely while you’re traveling. Instead, created a dedicated account specifically for your trip, and let your team know they should only email you via that account (and only expect emails from you via that account) while you’re gone. This way, even if the email account is hacked, it won’t provide nearly the level of sensitive information as your everyday account.
Notify your team of your travel plans and security protocols.
In order for security procedures to be effective, everyone on your team needs to be on the same page. Educate employees about the risks and signs of hacking and phishing scams so everyone can be on alert, and remind your team of these issues before your leave for a trip.
It’s also helpful to establish a set of security protocols for while you’re away. For example, perhaps you could tell the HR team that you will not be asking for any employees’ personal information while you’re away, so they can immediately flag any such inquiries from your account as spam. Or maybe you require a multi-step authentication process (e.g. not only would employees need to receive an email from you, but they’d also need to talk to you over the phone in order to proceed with a request.) Establishing clear-cut guidelines and making sure the whole team is on the same page is one of the most effective ways to counter hacking attempts.
Once you’ve returned home from your trip, it’s important to remain vigilant. Change the passwords for any devices or accounts that you accessed while you were away, and monitor your accounts for any suspicious-looking activity. By remaining proactive before, during, and after your trip, you can help ensure that your data stays safely out of hackers’ hands.