Comments by: Christine Schönig, Regional Director Security Engineering, Check Point Software Technologies
Before the trip
Before embarking on a trip, one should inform oneself about the security situation and legal requirements and have contact addresses ready for emergencies. For example, if you suspect that data has been lost, you should immediately inform your employer and the relevant authorities. It depends on the scope of the potential data loss. The principle of data economy should be observed and, if possible, dedicated travel laptops or smartphones without sensitive company data should be used.
In addition, a healthy skepticism against contact attempts and gifts is in order. One must always be vigilant about service providers and unknown individuals. Furthermore, everyone should keep in mind that in some countries one must exercise restraint with regard to political and historical topics or cultural expressions. This applies just as much to postings on the Internet or to correspondence. Accordingly, it is important to inform oneself about permitted encryption products and to limit confidential communication to the necessary extent.
For the physical threats, simple tricks help, such as a cover for the screen camera, a protective film that prevents the monitor from being seen from the side, or special covers for the cash cards in the wallet that shield against radio radiation. Reading the latter data via the NFC chips is possible at any time without direct access to the cash card. User rights should generally be restricted and only cover the most necessary authorisations.
The use of public networks should be avoided and the automatic connection to public hotspots should be disabled, so that an attack cannot be carried out via fraudulent or hijacked networks. These public networks are usually very poorly protected and are open to man-in-the-middle attacks, where a hacker gets in between any communication and reads everything. It is essential to ensure a secure VPN connection and to disable directory sharing so that access to confidential data is impossible.
Return to the office
Before returning to the office and integrating the devices into the corporate network, make sure that this device has been thoroughly scanned for malware. In addition, the endpoint security solution available on the laptop must be updated to the new state of the art. This secures the use of the end device in the public wifi network as well as in the company network. In general, regular testing of the laptop or smartphone is recommended.
If these simple measures are observed, many threats can be circumvented and travel can be safely avoided.