Leaving on a Jet Plane? Secure Your Devices First

I’ve headed off on vacation with my wife and kid in sunny Florida, but didn’t want to miss posting something useful for Cyber Tuesday.  Having been preaching the “dos” and “don’ts” of data security for businesses, I had to make sure my own mobile devices were secured while on the move.  My wife will probably disagree, but, in my opinion securing your data (both personal and professional) while on the go is just as, if not more important than making sure you packed your toothbrush and sunscreen.

It’s no secret that cyber breaches are expensive, can halt business, and severely damage the reputation of the brand if not mitigated and managed properly. And, personal identity theft is more than a hassle, it could take years to get your credit and life back in order.

In both cases, utilizing security best practices and consulting with your IT team or provider will greatly reduce the likelihood of a breach due to a lost, stolen, or hacked device.

Keeping all of the above in mind, below is the list of what I did to be prepared for my trip:

Laptop:

1. I don’t keep any client or company data stored on my laptop, and I have a scheduled task that automatically wipes my downloads folder and recycle bin at 5 pm every Friday.
2. The server prompted me to update my password (due to a set schedule policy) this past week, so I didn’t have to worry about my credentials being stale or compromised. Put a note on your personal device’s calendar to update your passwords every 60 days.
3. I’ve memorized my company system and email login information so I won’t have to carry it with me or store it on any device.
4. I ensured all Windows security patches were implemented.

Mobile Phone:

1. Thanks to our Mobile Device Management (MDM) service, my phone is protected by a security pin, backups are encrypted and I can wipe my device if lost or stolen.
2. Aside from company email, calendar, contacts and some family pictures, I don’t keep much on my mobile phone so I just ran a quick (encrypted) backup using iTunes on my laptop. Note: I turned off iCloud after it was hacked a few years ago.
3. I’ve updated my apps and mobile OS to ensure security vulnerabilities are patched.
4. I’ve lowered my iPhones auto lock timer from two minutes to 30 seconds.
5. I’m not traveling abroad, so I don’t need to alter or add international rates to my data plan.

Tablet:

1. Since I won’t need my company iPad with me I will leave it secured in the office. Not having a tablet with you while on vacation will not only allow for a more relaxing holiday, but will also minimize the risk of losing them or connecting them to an unsecure network, thus putting your organization’s information in jeopardy.

Below are some valuable tips for your mobile devices while travelling:

• Stay away from public Wi-Fi. If you have a Hotspot device from a mobile provider, use that instead.

• Call the hotel before you leave and ask whether they have secure Wi-Fi and a place to store your laptop while you are not in your room.

• If you don’t need it, leave it home.

The Department of Homeland security has a very useful tips list for mobile cyber security as well. You can view that here.

To emphasize the importance of incorporating mobile device security into your overall cyber risk mitigation strategy, below are links to our prior blogs on the subject:

• Business or Pleasure? Either Could Become a Nightmare Without a Mobile Security Policy
• Hacked

The responsibility for proper cyber risk mitigation falls on more than the IT department. Organizations that embrace cyber security and make it part of their overall risk mitigation strategy will not only greatly reduce their chances of a breach, but will also lower the impact and fall out of a cyber event should one happen.

Contact Us if you have questions, need help mitigating your company’s cyber exposure or to learn more about the services we provide.