As the government ease restrictions since the Movement Control Order (MCO) due to the Covid-19 pandemic, one of the restrictions that has been lifted is travelling.
Now people are allowed to travel if they have been vaccinated and if they have the proper documents for their trip. Organizations are sending out their employees for business trips again and their workers must work remotely outside their secured network.
That’s why it’s important to develop an awareness of IT threats. This includes physical threats, especially on the road, such as public Wi-Fi networks or NFC chips in cards.
Christine Schönig, Regional Director Security Engineering, Check Point Software Technologies shares her thoughts on this issue and some tips on how you could make your business trip a cyber safe experience.
Before The Trip
Firstly, she said before embarking on a trip, one should inform oneself about the security situation and legal requirements and have contact addresses ready for emergencies.
For example, if you suspect that data has been lost, you should immediately inform your employer and the relevant authorities. It depends on the scope of the potential data loss.
The principle of data economy should be observed and, if possible, dedicated travel laptops or smartphones without sensitive company data should be used.
In addition, a healthy scepticism against contact attempts and gifts is in order. One must always be vigilant about service providers and unknown individuals.
Furthermore, everyone should keep in mind that in some countries one must exercise restraint regarding political and historical topics or cultural expressions. This applies just as much to postings on the Internet or to correspondence.
Accordingly, it is important to inform oneself about permitted encryption products and to limit confidential communication to the necessary extent.
For the physical threats, simple tricks help, such as a cover for the screen camera, a protective film that prevents the monitor from being seen from the side, or special covers for the cash cards in the wallet that shield against radio radiation.
Reading the latter data via the Near Field Communication (NFC) chips is possible at any time without direct access to the cash card. User rights should generally be restricted and only cover the most necessary authorizations.
The use of public networks should be avoided and the automatic connection to public hotspots should be disabled, so that an attack cannot be carried out via fraudulent or hijacked networks.
These public networks are usually very poorly protected and are open to man-in-the-middle attacks, where a hacker gets in between any communication and reads everything.
It is essential to ensure a secure Virtual Private Network (VPN) connection and to disable directory sharing so that access to confidential data is impossible.
Return To The Office
Before returning to the office and integrating the devices into the corporate network, make sure that this device has been thoroughly scanned for malware.
In addition, the endpoint security solution available on the laptop must be updated to the new state of the art.
This secures the use of the end device in the public Wi-Fi network as well as in the company network. In general, regular testing of the laptop or smartphone is recommended.
She concluded that if these simple measures are observed, many threats can be circumvented, and travel can be safely avoided.