6 travel security tips to help employees protect their data while on holiday

By Jonathan Crowl

Though enterprise mobility is a boon for the productivity and flexibility of modern employees, it can lead to some security concerns. These security considerations aren’t limited to work travel, either: When employees go on vacation and bring their devices with them, organizations face a very real threat.

Travel security concerns relate to both personal and work-issued devices. Fortunately, employees can neutralize many of these potential threats by being smart about how they use their devices. To support these efforts, organizations should have policies and protocols in place to help employees make the right decisions and avoid exposing the company to new security threats.

As employees look ahead to the holiday travel season, consider these six tips to raise awareness and protect business data as they put their vacation time to good use:

1. Require employees to install all patches and updates

The simplest protection against leading travel security concerns is also the easiest. Updating software and installing patches can be a hassle when time is short, but it’s the best way to minimize vulnerability to unknown threats. According to Heimdal Security, a failure to update software patches is the cause of up to 92 percent of security breaches.

Organizations should insist that employees have all their software, apps and operating systems up to date before they go on vacation. This alone could be the difference between a companywide breach and a carefree break from work.

Download Gartner report on managed mobility services

2. Adjust enterprise permissions based on need

Some employees will need to access work data and resources while on vacation, but others will hardly even check work email while they’re away. In general, it’s best to restrict permissions to traveling employees to minimize risk, especially when they’re traveling outside the country. That means temporarily limiting access to sensitive information to make their personal devices less of a liability.

With that in mind, request that employees notify you of upcoming vacations and what, if any, special permissions they’ll require while away from the office. You can even implement a standard vacation setting for workers who take extended leaves from the office, allowing IT to easily manage these adjusted permissions over time.

3. Encourage workers to avoid using public wifi

Connecting to an open wifi network might seem innocuous, but it’s a simple way for malicious hackers to gain access to a device. Employees should take whatever steps possible to avoid this type of internet access when traveling.

As an alternative, workers should use personal hot spots and password-protected wifi networks, as well as their cellphone service data, when possible. When using a personal hot spot, they should connect to the device through Bluetooth. Using Bluetooth encrypts the data, providing an additional layer of protection.

4. Instruct employees to use VPNs for remote work

Not everyone can fully unplug from work during a vacation. When employees have to interrupt vacation to take care of something work-related, they should understand the importance of using a virtual private network (VPN). According to Computerworld, a VPN provides a secure connection between the business office and remote devices, and it encrypts and shares data over a secure connection.

This provides multiple layers of protection against malicious hackers. Your company should establish an enterprise VPN and provide employees with instructions on how to connect with that secured network from a remote location.

5. Create a security policy for missing devices

An employee who loses a mobile device — or has it stolen — is a serious vulnerability companies need to address in short order. While no employee ever wants to lose a device when traveling, it’s a possibility that can have serious repercussions. Companies have to be ready to respond quickly to mitigate losses and thwart the attacks of malicious hackers seeking an opening into the enterprise network.

According to The Telegraph, companies should have security protocols to act quickly in response. Every employee needs to know exactly how to report a lost device. Meanwhile, IT should immediately activate location tracking solutions to help the worker locate a device that’s only been misplaced, as well as remote wiping software if the employee can’t find it. By erasing data remotely, the enterprise can stop a malicious hacker from pulling sensitive data from the device and using it to compromise the entire enterprise network.


6. Have employees change passwords when they return home

Even when a worker isn’t aware of any compromise, it’s possible someone has been gathering information to exploit at a later date. According to the Federal Communications Commission, one simple fix to this problem is to have employees change device passwords when they return home. They should make these password changes to any devices they used while traveling, as well as any applications or password-protected software they accessed.

Prevention is the best way to combat cybersecurity threats, and employees need the support of the company to make sure they’re doing everything they can to protect themselves from compromise. This holiday season, give your employees the ability to protect not just themselves, but the entire organization.