With covid rules relaxing and people returning to more “normal” ways of working, business travel is back on. In fact, business travel bookings for the first three months of 2022 increased by 875% from the previous year*. But have you given any thought to the risks your company might face when your employees are travelling for work?
It might sound obvious, but organisations do face heightened cyber security risks when their employees travel. Business travellers are prime targets for cyber-criminals, as they often carry valuable data and may not always be careful about securing their devices. In this article we discuss key cyber security exposures for business travellers and outline steps you, as an employer, can take to mitigate these risks.
Cyber security threats while travelling
Business travellers’ laptops, smartphones and tablets are particularly susceptible to data breaches, loss and theft. Some common cyber-threats that business travellers may encounter include:
- Unsecured wi-fi networks—While convenient, compared to private wi-fi networks, public wi-fi networks are unsecured and can allow cyber-criminals easier access to connected devices (as well as the data stored on them).
- Publicly accessible computers—Using login credentials on public computers is a serious cyber-risk. These devices often lack sufficient security capabilities and may even be infected with malware.
- Stolen or misplaced devices—Theft or loss of devices is a major threat to business travellers, as this can result in the exposure of important data. Devices could be lost or stolen in airports, hotel lobbies, conference rooms or rental cars.
How employers can mitigate cyber security risks
Neglecting cyber security when employees are travelling can be detrimental to a business. Data breaches may have devastating consequences, including lost or stolen sensitive information, business interruption, reputational damage and non-compliance fees under the General Data Protection Regulation.
Here are some measures you can implement to minimise cyber security risks for your travelling employees:
- Establish wi-fi policies. Employers should have policies in place requiring employees to confirm the network name and precise login procedures with the appropriate staff before connecting to public wi-fi networks in airports or hotels. Sensitive activities, such as banking or confidential work-related projects should not be conducted on public wi-fi networks. Devices should also be configured so that they do not automatically connect to wi-fi networks.
- Enforce virtual private network (VPN) use. Via a VPN, all online traffic is routed through an encrypted virtual tunnel. Such a network can help can reduce the risk of cyber-attacks by establishing a secure connection between users and the internet. Employers should create VPNs and require employees to utilise these networks whenever possible, especially during business travel.
- Conduct physical security training for digital valuables. Most travellers let their guards down once they arrive at their destinations, but that can be one of the times they’re most susceptible to theft. Employers should encourage business travellers to never leave their devices unattended. Employees should also be instructed to utilise strong passwords or multifactor authentication capabilities (if possible) and lock devices in hotel safes upon leaving their rooms.
Encourage employees to pack minimal devices. Leaving unnecessary technology at home can help reduce the chance of theft or data loss. As such, employers should only permit employees to bring devices that are essential to completing their duties while abroad.
Find out more about how cyber insurance can help your business.