Hackers and cyber criminals are well aware that many executives and sales people travel as part of their jobs. And for companies reliant on these road warriors to drive business, there are a number of risk factors they must recognize and address to ensure their staff, their data and the future of their organizations are protected.
There are an estimated 5,000 to 9,000 mobile devices lost or stolen every day in the United States; worldwide, numbers are much larger. In addition to presenting obvious security issues for companies, these lost and stolen devices present additional work in the form of educating employees about how to react, putting processes in place to ensure IT is notified immediately and wiping devices remotely. Though these statistics alone are alarming, the savviness of today’s criminals presents an even greater concern. While C-suite and high level executives are carrying around a tremendous amount of sensitive data with proprietary access, hackers are quickly and quietly finding ways to copy that information without the individual ever relinquishing possession of the device.
To make matters worse, our mobile devices provide immediate and possibly long-term access to an organization’s assets. Cyber thieves are then free to extract unencrypted or weakly encrypted data from any device any time, including communications to and from those devices.
If your company doesn’t already have a plan in place, here are six steps to take that can enhance travel-related security.
- Use extreme caution with mobile devices.
While this isn’t really “news,” it’s imperative road warriors be careful in keeping their devices in their possession. We have seen too many instances of individuals leaving their devices on a table while they “step away” at a restaurant or coffee shop. In fact, on a recent trip, I saw three examples of a mobile device left unattended … urggh! Even in your hotel room, secure any devices left behind, and never leave devices visible in your car. - ALL devices should be protected with Enterprise Mobility Management (EMM).
This allows the company to enforce passwords, encryption, secure access and remote wipe capabilities. EMM security is available at as low as $50 per device per year — a small price to pay for mobile security and peace of mind. - Never use public Wi-Fi.
Always use your cellular option or carry a MiFi hotspot. Many hackers have been know to create false free Wi-Fi connections near coffee shops and other meeting places to intercept data traffic from people looking for this amenity. - Make sure connections to the home office are secure.
Executives and others on the road will almost certainly be checking in and accessing data. Using a secure communication channel or virtual private network is an excellent idea. Another good practice is to use multi-factor authentication with one-time use tokens to access applications and services for those traveling. - Be aware of your surroundings.
Police and military have been training people for years to be aware of your surroundings! Be careful of people shoulder surfing and listening to conversations or chats you are conducting in public places. For executives traveling internationally, the risks are even greater. If travelling abroad, consider using a dumb phone or limiting access on your smartphone. Be hyper aware if traveling to certain countries known for increased attacks by hackers. Note: Make it part of your mobile device usage policy that employees notify IT before traveling abroad. - Train your road warriors.
Security awareness is learned and must be part of a continuous education process. Security threats are an ever-evolving challenge and your road warriors need to be informed of new methods for securing data and access to data.
Knowing your mobile devices are targets for hackers is the first step. Addressing it will separate the best from the rest.
