Keeping thieves at bay when travelling used to involve money pouches and hidden pockets. These days, the threat has moved into the cyber sphere. Keeper Security’s Co-founder Darren Guccione explains.
The holiday/vacation period is looming, and many people are making plans for international travel. If you are among them, be sure you have done all you can to take responsibility for cybersecurity when travelling. After all, it’s a dangerous world out there when it comes to the cyber threat environment. Some common sense and preparation will go a long way toward ensuring your international travel memories are of the good kind.
Let’s break down the tips and tricks of cyber safe travel into two categories. The first is basic “blocking and tackling,” which for the most part is done prior to your travel. The second category deals with security tips once you are on the road.
First, a note about U.S. Border Patrol agents
It is important to know in advance that the travel environment itself has changed. While travelling within the U.S., TSA agents at the gates are not allowed to confiscate your digital devices, nor are they allowed to demand passwords to get into them. If such attempts are made, demand to speak to a supervisor.
The rules, however, are different for U.S. Border Patrol agents and for agents in other nations too. Recently there have been multiple news reports of U.S. citizens having to turn over digital devices and their passwords as a condition for entering or re-entering their own country. What can the border agents do with your passwords or data on your devices? How long can they keep that information? How long can you be detained? These and other questions are not easy to answer. But as you will see from the tips and tricks below, there is much that can be done to minimise what might be compromised or inspected while you ensure your trip overall is as cyber safe as it can be.
Before you head out: basic blocking and tackling
- Back up your e-files. Just presume you are going to lose everything on your devices. If all data is backed up before you leave, then if you lose your device you won’t lose what really matters most to you.
- Don’t carry sensitive data. This is easier said than done if you are mixing business and pleasure, but it is not unreasonable to just leave behind all the sensitive files you are not likely to use. Store them on cloud backup or on removable media. But get them off your devices.
- Change all passwords for all devices. When doing this, use two-factor authentication if possible, which most devices have today. Make the passwords eight characters or longer with a combination of nonsensical letters, numbers, and symbols. Download a free password manager that will do all the work of creating complex passwords and remembering them for you.
- If you haven’t checked recently, this is an excellent time to be sure your antivirus software is current. There is plenty of danger lurking in foreign hotels, coffee houses, and even airports, as we’ll see. This software is your first line of defence.
- If your smartphone allows, and most do, enable the feature that automatically erases all data in the event of multiple failed password attempts (usually 10 or so).
- If available, enable anti-theft software (often through the cloud) that allows you to lock your device remotely if it is stolen. Enable and activate the “find my phone/device” function so if your phone or tablet is stolen, you can track it, disable it, and change all the passwords.
- Be mindful of movies, books, and other things you have loaded into your devices that could be considered pornographic and otherwise illegal in certain other countries. Also, some downloads considered legal in the U.S. may actually violate local intellectual property or digital asset rights in other countries, should your device be searched. Just err on the side of caution and store and remove anything that might be construed as such.
- Disable Wi-Fi auto-connect options from all devices before you leave, such that you have to manually connect when you think it is safe to do so. The best approach is to buy a subscription to services that only connect to secure Wi-Fi hotspots throughout the world. Rates are inexpensive and getting more so all the time. Just do a search on “unlimited wifi.” If you will need to transfer or access sensitive data abroad, consider getting a highly secure VPN connection on a daily or weekly rental basis. Just search “VPN rental.”
- Similarly, disable Bluetooth connectivity. If left on, cyber thieves can connect to your device in a number of different and easy ways. Once they are in, your cyber world is their oyster!
- Finally if you do not have an international subscriber identity module, better known as a SIM card or do not have a roaming package on your smartphone, your two-factor authorisation access will be limited. All the more reason to purchase a secure Wi-Fi data plan.
Now that you’ve arrived…
The tips and tricks in this list really won’t take long at all for travellers to put in place. Doing so is great insurance against many of the cyber threats that lurk when your plane touches down on foreign soil. But once that happens and your excitement builds as you head to the luggage carousel, your cybersecurity work is not done. Here are some steps to promote cyber-safety on the ground:
- Double check to be sure all of your apps are password protected with fresh, new passwords, ideally stored in your password management system so you don’t have to remember any of them. And don’t use the same PIN for hotel room safes that you use for your device password.
- At all cost, avoid using “public” digital devices, such as those at coffee houses, libraries, and bookstores. They are often notoriously riddled with malware lurking to steal your information. If you use them, you should presume that someone other than you would see any information you enter.
- Be very careful about connecting to any Wi-Fi network if you haven’t subscribed to a global service previously, per the tip above. These are prime milieus for cyberthieves. Say you are in a train station (bahnhof) in Germany. You scan your device for a wireless network and there are several. A legitimate one might be “bahnhofwifi”—but you don’t know that. A cyberthief has set up his own Wi-Fi trap and it shows up as “bahnhoffwifi,” with but one letter changed. Connect to that and your troubles are just starting.
- Don’t charge your devices using anything other than your own chargers plugged directly into the wall or into your adapter. It is easy for cyber thieves to install malware onto hotel and other public docking stations.
- Never connect any USB drive or other removable media that you don’t personally own. Again, they are easy to load with malicious software.
- This goes without saying, but NEVER let your devices leave your sight. If you cannot physically lock devices in your hotel room safe or other secure place, take them with you. There are no good hiding spots in your hotel room. And, of course, never check your devices with your luggage.
- Most social media sites are happy to automatically share your location as you post photos and messages. This also tells thieves back home that you are away, which is a great time to break in. So limit the information you post regarding your location at any point in time.
Bon voyage! And safe cyber-travels.
Darren Guccione is Co-founder and CEO of Keeper Security, a password manager app and digital vault for consumers and enterprises with 9 million+ users.