Travel is still a big part of work these days, regardless if your organization is fully remote, hybrid, or in-office. We often get questions about what organizations can do to keep their employees, devices, and data safe while they are on the go so we wanted to share some of our top tips.

Our goal is to provide a set of actionable, totally free measures you can take to keep things secure on the road. 

Tips To Travel Securely

Assess Device Necessity

Evaluate whether employees truly need to carry their devices while traveling. If unnecessary, encourage them to leave their devices at home to avoid exposing data and devices to potential risks. Are they taking a personal vacation? If so, do they really need to bring their work devices?

Implement Screen Locks

Ensure that staff members configure a screen lock on their devices, with a short timeout period of one to two minutes. This will help reduce the risk of information compromise in the event a device is lost or stolen. Enabling biometrics on your device can additionally make logging in to services easier, while still maintaining devices in a secure state. 

Uninstall Unnecessary Applications

Advise employees to uninstall any unnecessary applications from their devices. Reducing the number of installed apps minimizes potential attack vectors and the associated security risks, as well as the time needed to keep everything up to date.

Prohibit Rooting or Jailbreaking

“Rooting” or “jailbreaking” a device generally involves bypassing built-in device security measures to get “root”, or full control over the device. Users sometimes do this to install apps from free or otherwise unreputable app stores other than the official ones. Your organization should specifically prohibit this type of bypassing of security measures.. Although no longer a common practice, such actions can compromise device security and expose sensitive data. Common Mobile Device Management (MDM) solutions can detect this and deny access to organizational information if a device is not in a secure state.

Keep Software Up to Date

Ensure that devices are running the latest operating system and application updates. Installing operating system and application updates address security vulnerabilities and improve overall device security.

Enable Device Storage Encryption

While this is now the default on most mobile devices, ensure that employees' devices have storage encryption enabled. Encryption safeguards data stored on the device, rendering it inaccessible to unauthorized individuals.

Connect Securely

We strongly recommend that traveling staff members connect to the internet only via a cellular network hotspot or trusted Wi-Fi access point that employs at least WPA2 encryption. If these two options are unavailable, we suggest using a reputable VPN service, such as the paid versions of Witopia, NordVPN, or TunnelBear to establish a secure connection. (Please note that we have no affiliation with TunnelBear but we’ve had good experiences with them in the past. Avoid any free VPNs as these are notorious for security issues and selling your data.

Enforce Multi-Factor Authentication (MFA)

Configure all critical organizational services, such as Google Workspace, Microsoft 365, or Salesforce, to enforce multi-factor authentication. This additional layer of security mitigates the risk of unauthorized access in the event of a stolen or compromised account or device. Enforcing the control ensures that it is uniformly implemented across your whole staff.

Immediate Reporting of Incidents

Require employees to promptly report stolen, lost, or damaged devices. This allows organizations to take immediate action, such as revoking affected accounts, preventing potential data breaches.

Consider Mobile Device Management

Mobile device management tools can aid in enforcing security measures and ensuring devices remain in compliance with organizational policies while reducing the burden on staff to implement the security controls.

Wrapping Up

Implementing comprehensive security practices is crucial for employees who frequently travel. By adhering to these best practices, organizations can significantly reduce the risk of data breaches, unauthorized access, and device compromises. Remember to provide clear guidance and support to employees to facilitate their compliance with these policies. Questions? Book a meeting with us to chat.