By 
According to studies, seventy percent of business travellers have fallen victim to cyber-attacks, as experts warn they could be prime prey for cybercriminals seeking out confidential data.
RELATED: Cybersecurity in Focus: Business’ top concerns answered by industry experts
With business travel growing by almost a fifth (19%) over the past year, experts highlight the risks of travellers following poor cybersecurity protocols, skipping secure passwords, and lacking proper cybersecurity education.
Application security SaaS company, Indusface has revealed the top cybersecurity risks for business travelers and how to protect company data on the road.
Top travelling cybersecurity risks and how to avoid them
Unsecured wi-fi networks
One of the most common ways company data is put at risk is through employees connecting to unsecured wi-fi spots whilst travelling.
Public wifi networks are often not encrypted, so any data sent or received is unprotected against unauthorized users. Alongside this, cybercriminals are clued in on the desperation many travellers experience when without wifi, leading to many creating honeypot hotspots where hackers create fake networks to collect company data.
Cafes, restaurants (25%), airports (23%), and hotels (20%) are the most common locations where personal information is compromised.
Venky Sundar, Founder and President of Indusface, advises on how to protect your company data: “The first port of call for businesses is to create policies that outline the protocols for public wifi usage, with requirements for complete avoidance or VPN usage.
Ensure employees turn off auto-connect wifi settings too. Alternatively, business-funded mobile networks for hot-spotting will help deter public wifi connections for employees in a pinch.”
Device theft or loss
With 16% of business travellers planning to combine a business trip with a holiday this year, it is paramount to stay vigilant at all times. 80% of travellers have lost, forgotten, or had something stolen from them when they travel, but only 40% ever get their items back.
“Effective ways to limit the risk of loss and theft is to implement clear policies on secure handling of business equipment when travelling and encourage employees to keep tech close at all times in secure luggage and hand luggage rather than checked bags. Companies can also invest in smart luggage and remote device management which allows the quick wiping of devices in the event of a loss.”
Unsecured mobile apps
Business travelers often rely on their mobiles when traveling for convenience and when using personal phones for business they may disregard the security of their apps. This includes messaging services that are not end-to-end encrypted, meaning messages both personal and for business are at risk.
“Mobile app penetration testing is invaluable here, assessment of the security of mobile applications by simulating attacks helps identify vulnerabilities. Carrying out this testing is key to ensuring sensitive data is not at risk.”
-
Fake charging stations
Fake charging stations or juice jacking is a form of cyber attack where a device is plugged into a public USB charging port that a criminal has tampered with, once a device is plugged in, data is stolen or malware is installed. This is particularly prevalent in airports, coffee shops, and on public transport, all places business travellers frequent.
“USB data blockers are inexpensive but a great solution to stop the data transfer between the device and the charging port. Investing in software security will help add another layer of defence if desperation hits. Alternatively, business travellers would benefit from a portable charger that can keep their tech going when away from the office.”
Shared or publicly accessible devices
Shared devices are a significant security risk wherever you are but sometimes they are unavoidable especially when travelling. From saved passwords and browsing history to stolen identity and bank details, sharing devices opens up a multitude of risks.
“Typically employees should avoid sharing devices at all times to limit the security risk, where unavoidable ensure to never save passwords, create separate accounts, and avoid using the device for sensitive material.”
Credit: Indusface
