Tips for the Holidays — Go insecurity!
By Pedro Tavares, Founder of CSIRT.UBI & Cyber Security Blog seguranca informatica.pt
Holidays usually mark the absence of the office, but they are not a strong reason to leave the office unorganized and much less to undervalue cybersecurity.
Nowadays, accessing professional email on the personal smartphone has become a daily practice of any citizen, and more, many projects are closed through your smartphone. Summer holidays are therefore the ideal time to implement some necessary procedures to avoid exposure or emerging threats.
Prepare now your pre-summer checklist and avoid undesired surprises.
Take care of your digital footprint
You are on holidays. Leave most of your devices at home and disconnected from the Internet. In this way, you will not only have a small number of devices, fewer distractions, and so take advantage of the good family moments. It also reduces the risk of losing any equipment and that your valuable information falls into the hands of the wrong people, much less in the cybercriminals’ tentacles.
Take your own power adapters
Connecting your devices to third-party adapters can generate vulnerabilities on your own device. For example, the power adapter may exploit your smartphone in an attempt to install malware or steal sensitive data that you are bringing on it.
Cyber thieves may install malware onto hotel lamps, airport kiosks and other public USB charging stations. If you still wish to charge your device to a third-party adapter, turn it off at least before connecting it.
Stay updated and install security updates and patches
Make sure that the operating systems and applications on the devices you carry with you have up-to-date security updates. This measure could prevent known vulnerabilities from being exploited by cybercriminals.
Install the updates and security patches before you start traveling!
Change your passwords
Are you going to wear the same toothbrush while on vacation? So why not also change some of your passwords? At least the passwords of the systems and applications you use most regularly in your day today.
Do not make it easy to set a password. Remember a phrase, and choose the first letters of each word. E.g., “Tomorrow about 12 o’clock I will be traveling!” Potential password: Ta1oIwbt!
Set a lock screen on your phone
Regardless of the devices you take with you, make sure that your screen is protected with a strong and unique PIN or password, or one of the biometric authentication methods available, such as fingerprint reader or facial recognition.
Sensitive or sensitive information – Use encryption
If you are traveling and do not need sensitive information, then do not take it with you. Use encryption whenever necessary, e.g., encrypt your laptop’s disk, this will add an extra protection layer if your computer is stolen. Cybercriminals could not read your disk without first entering a password to decrypt the entire disk.
The loss of personal information stored on a laptop or smartphone can cause even more problems than the loss of the device itself. So make sure that all of your important information is well stored in several locations, preferably away from each other.
Leave geolocation disabled. Turn off the Bluetooth on your smartphone, you probably will not need it and it is a channel of infection that is constantly “wanted” by cybercriminals.
Moderation is extremely important. The cybersecurity of your home should also be taken into account. Resist sharing on social networks you are away from home. Geolocation photos can be a lethal weapon against you and may expose you to a physical intrusion of your own home, compromising not only devices and backups but another kind of material.
Have a great summer holiday in (cyber) security!
About the Author
Pedro Tavares is a cybersecurity professional and a founding member and Pentester of CSIRT.UBI and the founder of seguranca-informatica.pt. In recent years he has invested in the field of information security, exploring and analyzing a wide range of topics, such as pentesting (Kali Linux), malware, hacking, cybersecurity, IoT and security in computer networks. He is also a Freelance Writer.