1 in 4 workers prone to a security breach while working on vacations
A new survey of 2,000 workers by the communications and growth firm Movchan Agency revealed that 54% of people work while on vacation — and 1 in 4 don’t check if their Wi-Fi connection is secure while working away.
Unsurprisingly, close to 1 in 5 workers have leaked classified information while connected to insecure Wi-Fi.
Kateryna Didenko, a cybersecurity expert at a web development firm GetDevDone, comments: “Public Wi-Fi networks — often entirely unsecured and unencrypted — offer cybercriminals easy access to potentially lucrative accounts and data. If you’re among the 23% of workers who don’t check the security of a network before connecting to it, chances are you will eventually fall victim to a malware attack.
“This is where bad actors install harmful software on your device designed to steal data, monitor activity, or extort money. The consequences? An average of $10m in damages and one unhappy employer,” — she added.
As a result, 52% of workers who accidentally leaked classified information while on vacation were fined or fired, while 1 in 6 faced criminal charges. When asked if their employers provide cybersecurity workshops on working vacation best practices — 48% admitted they do not.
How can workers ensure a connection is secure?
“If you want peace of mind, you should avoid public networks entirely if you’re handling sensitive information. When possible, use your mobile hotspot instead. However, there will always be times when something urgent arises and you have no choice. In that case, invest in a trustworthy VPN or use a corporate VPN if your company security policy states so,” — said Kateryna Didenko, a cybersecurity expert at a web development firm GetDevDone.
4 tips to keep your sensitive data safe while working on vacation
Kateryna shares her 4 essential tips to ensure you are working safely and all your data is secure when working on a vacation:
1. Switch on your VPN before logging in
Threat actors exploit the unencrypted nature of public networks to snoop in. However, a VPN will encrypt the data you send and receive. Is it foolproof? No software is 100% perfect and data sent through a VPN can be cracked, but it will make it far more difficult for cybercriminals to decipher.
2. Don’t use your usual passwords
You can never be too cautious when it comes to cybersecurity. If any service asks you to create a password to access it, enter something unique that you don’t use elsewhere. If that password is stolen or leaked, at least it can’t be used to hijack your accounts elsewhere. Just to be safe, make sure you have two-factor authentication set up and monitor your accounts for suspicious activity.
3. Watch out for phishing attempts
How often do you share your personal information without a second thought? Your email address, phone number, and even your name are invaluable tools to cybercriminals using social engineering techniques to trick you. If possible, use a separate email and phone number for unimportant occasions. You’re far more likely to fall for fraudulent communication if the attacker uses your real email or phone number, so be extra vigilant.
4. Keep your devices secure
That urgent update your phone keeps pestering you about? It can’t wait. They’re typically issued in response to emerging threats, so it’s imperative you keep up with the latest security patches and antivirus updates. And while you’re at it, turn off file sharing and Bluetooth while you’re not using them to make your device harder to access.
What should you do if they think your device has been compromised?
If you have already connected to an insecure Wi-Fi, here are the 7 steps you must take immediately for some damage control:
- Disconnect: Immediately switch off your Wi-Fi, mobile data, and Bluetooth to take your device offline.
- Contact IT support: Inform your IT department via an alternative communication channel immediately if you fear company data has been compromised.
- Change your passwords: Reset your password for every account, starting with the most sensitive ones.
- Run a scan: Initiate a scan to let your antivirus search for and remove any known threats.
- Enable 2FA: Add additional security to your account using an authenticator app or SMS verification.
- Update your software: Ensure your operating system, applications, and security software are up to date.
- Monitor: Regularly check your accounts and report unusual activity to your employer, or service provider.