From Surfing Waves to Surfing the World Wide Web: Be Safe Online While Traveling
Picture this: You are sitting in a lounge chair strategically placed under an umbrella constructed of palm leaves. The sun is at your back and the ocean waves are crashing against the shore gently in front of you. The ocean seems endless, blue and white cascades moving in and out. The warm white sand is soft and tacky between your toes. Here, right now in this place, you feel the weight of responsibility lifted.
The philosophy of vacation is quite simple: Relax, rejuvenate, be carefree, and most of all enjoy yourself. While some may choose to break waves at a tropical hotspot destination; others may take to the open road; the daring may elect to defy gravity by climbing Mount Everest; and others may pick a culturally enriching international destination. No matter where your journey takes you, do not allow yourself to become careless with security!
One of the most effective ways to protect yourself when traveling is to take preventive measures before your departure (1). Complete the following actions before leaving home:
- Update your operating system, applications, and anti-virus software on your mobile devices. Operating systems, applications, and anti-virus software all offer periodic updates containing vital security patches. Keep your system on current versions.
- Ensure your firewall is enabled. This prevents others from connecting to your device over the network.
- Encrypt confidential information stored on your devices. Most mobile devices come with encryption capabilities built in. If not, you may install encryption applications. You should consult your vendor’s application store or marketplace for information on what is available.
- Configure your device for remote wiping. In the event that your device is lost or stolen, remote wiping allows you the capability to erase all data and personal information stored on the device (2). Affix a label to the back of your device with your name, email, and phone number to increase the likelihood of misplaced belongings being returned to you.
- Do not post travel plans on social media sites. You should always limit the amount of personal information you share on these sites. While your account may be setup securely, you have no control over how your friends setup their accounts.
Follow these best practices while you are traveling:
- Use sponsored Wi-Fi networks hosted by legitimate organizations and pay attention to the Wi-Fi encryption types. Your online activities can be monitored by others while you are connected to a public network. Protect yourself by ensuring you are on a legitimate Wi-Fi connection. Look for posted signs found in hotel lobbies, airport terminals, or cafés displaying the name of the supported Wi-Fi network. Also, the most common Wi-Fi encryption types (ordered by most secure to least secure) are: WPA2, WPA, and WEP.
- Limit your web browsing to well-known and trusted websites and use encryption when possible.Utilizing email and web browsing features poses the threat of phishing scams, malicious sites, infected attachments, and other scams. Use SSL encryption (https://) for web browsing when possible. An Https:// browser session automatically encrypts data transmitted over the Internet. Also, most email service providers offer an encryption option. If available, enable the SSL option for your email.
- Keep optional network connections, such as Bluetooth and Wi-Fi, turned off when not in use. If using these features in public, limit the amount of personal information you view. SMS, MMS, Bluetooth and synchronization are all potential attack routes.
- Limit your use of public computers to casual web browsing only. Public computers may be infected with malware or keyloggers. If you have no choice but to use a public computer to make a transaction or to communicate sensitive information, you should assume any information shared could be compromised. Keep track of the accounts you accessed on a public computer and change your passwords immediately once you are on a trusted computer and network.
- Turn off cookies and autofill options. If your mobile device automatically enters passwords and login information into websites you visit frequently, turn this feature off. While convenient, these options pose privacy threats.
- Always keep your device on you or locked in a secure location. You should place mobile devices in your carryon luggage, do not check these items. There is no guarantee your luggage will arrive to your destination at the same time as you do and there is always a risk of baggage being ransacked before you obtain it. If you are on a road trip, you should lock electronics in the glove compartment or rear storage of the vehicle.
- Make use of personal WiFi hotspots. If an emergency arises and you need to use a wireless network, set up a personal hotspot on your device, or use a virtual private network (VPN) to ensure a secure internet connection (3).
What if you follow all these best practices and still get hacked? Change your password immediately. For suggestions on creating a strong password, visit the Division of IT’s MakeITSafe password safety page. If your device has been compromised, misplaced, or stolen you should employ remote wiping. If you did not configure your device for remote wiping beforehand, you still have the capability to wipe your Microsoft Exchange account. Faculty, staff, and students may request remote wiping of their University email account, contacts, and calendar. For assistance with this process, contact the IT Tech Support at 882-5000.
- SANS institute. (2011). Staying Secure Online While Traveling. Retrieved from http://www.securingthehuman.org/newsletters/ouch/issues/OUCH-201104_en.pdf.
- Kugler, L. (2011). 9 Ways to Keep Your Mobile Devices Secure While Traveling. Retrieved from, http://www.pcworld.com/article/218671/9_ways_to_keep_your_mobile_devices_secure_while_traveling.html.
- NCSA Stay Safe Online. (2015). June is Internet Safety Month. Retrieved from https://staysafeonline.org/about-us/news/june-is-internet-safety-month-the-national-cyber-security-alliance-ncsa-and-connectsafely-share-tips-to-ensure-online-safety-and-summertime-fun