Top employee cybersecurity tips for remote work and travel

Check out the on-demand sessions from the Low-Code/No-Code Summit to learn how to successfully innovate and gain efficiencies by improving and scaling citizen developers. Watch now.

With the holidays approaching, many remote workers, already at increased risk of cyberattacks, will travel by booking vacation trips to visit family and friends. This will likely exacerbate IT teams' anxiety about cybersecurity, already heightened by the pandemic and its aftermath. In a Ponemon Institute survey, 65% of IT and security professionals said it was easier to protect an organization's confidential information when staff were working in the office.

Whether employees are working from home, at a conference, or even on vacation, there are plenty of security pitfalls. The fact is, with every remote worker, an organization's attack surface grows. Some employees let their cyber guard down when working from home. For others, travel leads to fatigue and bad decisions, including taking safety shortcuts. It's a problem when 76% of CEOs admit to bypassing security protocols to get something done faster.

While technology has made significant advances in protecting us from ourselves, remote work can quickly escalate if we don't take basic cybersecurity precautions. This article covers a range of security best practices for remote work and travel. Of course, not all advice applies to all situations. That said, it's essential to understand your current and future environment, assess their relative risk, and take steps to protect your credentials, devices, and confidential data.

Here are some tips to help you improve your security posture while working or traveling remotely.

Event

Smart Security Summit

Learn about the essential role of AI and ML in cybersecurity and industry-specific case studies on December 8. Sign up for your free pass today.

Register now Do This First: Lock Your SIM Card

Travel or not, lock your SIM card. SIM card hijacking (or SIM card swapping, unauthorized wearing, or "smacking") is a real, underreported crime where threat actors pretend to be you, contact your wireless service provider and "transfer" your SIM card to your (their) “new phone.” Imagine someone stealing your entire life online, including your social media accounts.

In other words, your phone number now belongs to them. All of your password resets now go through the threat actor. Given the number of work credentials, social media accounts, and apps that go through your number phone, the nightmare of this crime quickly becomes apparent. If you haven't already, lock your SIM card with your wireless service provider.

Here is some information about Verizon's "Number Lock" feature.

Cybersecurity tips for remote and on-the-go workers

Back up everything all day, every day. If you travel, leave the backup at home or in the cloud.

Use a password-protected WPA (ideally WPA3) compatible Wi-Fi network.

Create a strong password (with upper and lower case letters, distinguishing characters and multiple characters). Never store passwords on you or on the phone, including in the notes section. Ideally, your employer should be using a password manager, but chances are that's not the case. According to SpecOps' 2022 Weak Password Report...