Travelers face an ever-increasing variety of cyber threats – unsecured devices and data, as well as oversharing information – that can largely be minimized if appropriate precautions are taken.
“October is National Cybersecurity Awareness Month, a good reminder to protect your data, devices and professional and personal identity, regardless of whether you live and work in a rural or urban locale,” said Dwayne Hunter, information technology manager for Oklahoma State University’s Division of Agricultural Sciences and Natural Resources.
A good practice is to store data on a USB thumb drive or other removable media that can be destroyed after use. Do not accept and use USB thumb drives or other removable media from any other sources.
“When possible, travel with a new or re-imaged device so that no data is stored on it,” Hunter said. “Do not plug USB-powered devices into public charging stations. Only connect USB-powered devices to the power adapter with which they were intended to be used.”
Also, channel your inner airport security professional and keep electronic devices with you at all times. Hunter recommends devices, network connections and services be turned or powered off when not in use.
“Before traveling, change all passwords that you plan to use,” he said. “Clear your browsing histories and other stored information that could be abused by unscrupulous individuals. And always – always – upon your return be sure to change the passwords of any accounts that were accessed while traveling.”
Delete unnecessary applications, plugins and software. Ensure computers and mobile devices being taken have the most recent patches, software updates and anti-virus software installed.
“It’s a good idea to use a one-time web-mail account, where possible,” Hunter said. “Do not access sensitive accounts or conduct sensitive transactions over public networks, including hotel business centers and internet cafés.”
If a connection to sensitive accounts or systems is required, Hunter recommends using a virtual private network – often referred to as a VPN – connection, provided it is legal in the specific country.
“For example, it is not legal for OSU employees to use the university’s VPN in all countries outside the United States,” he said. “Consult with local contacts in the country to which you are traveling before using a VPN.”
Know the local laws regarding online behavior as some online sites are illegal in certain countries, including Google, YouTube, Facebook, Twitter and Instagram. The U.S. Department of State is a good source of information about acceptable online behavior relative to specific destinations.
“When traveling abroad, assume all online activity is subject to government or other monitoring techniques,” Hunter said. “Use of mobile apps that contain encrypted communication may be illegal. Again, consult your local contacts before using the app.”
DASNR is comprised of the OSU College of Agricultural Sciences and Natural Resources, and two state agencies: The Oklahoma Cooperative Extension Service and the statewide Oklahoma Agricultural Experiment Station system.