Skip to content ↓ | Skip to navigation ↓

With the summer holiday and festival season getting into full swing, you’ll want to stay connected to convenient travel and social media apps more than ever. But it’s important to be hyper-aware that cyber thieves are on the prowl for your personal, financial and location information.

When traveling, like many of us will be doing this Memorial Day, your digital security risks can increase. But just a few thoughtful steps can reduce your digital security risks while traveling this holiday season.

When traveling as a family, especially with younger children, it is almost inevitable that some entertainment will be needed. Android offers an option called ‘Screen Pinning,’ and it can be enabled from the ‘Security’ menu of the phone configuration. This option allows the device owner to restrict access to a specific app until the device is unlocked again.

iOS has a similar feature called Guided Access that can be enabled within the Accessibility Settings. This can help prevent your little one from accidentally deleting or modifying your data.

Holiday travel can expose data on mobile devices to risk from physical or data theft. Enabling full disc encryption before your trip and powering down a device before arriving at transportation centers and border crossings can help minimize the risk of your data falling into the wrong hands.

Top 10 Mobile Security Tips

  1. Before you leave, make sure that your device’s software is up-to-date. Consider removing older applications that you no longer use.
  2. Keep your WiFi and Bluetooth interfaces off when they are not in use.
  3. Avoid using public WiFi hotspots. Public WiFi hotspots usually have no encryption. As such, malicious actors within a certain physical distance from you can eavesdrop on your communications. If you do use public WiFi, try to use it only for basic browsing and applications that do not involve personal data. Try to avoid logging into sites or accounts that contain sensitive data, such as your bank. Also, this advice is not just for your browser. Avoid using specific applications that interface with your sensitive data, i.e., a banking application. If you find yourself needing to use public WiFi often, you should consider using a VPN. The other concern with using public hotspots is that it is dangerous to have a saved WiFi profile where the connection has no password or a well-known password. In this situation, it is trivial for an attacker to deploy a fake access point and trick your device into unexpectedly connecting to a hostile network.
  4. Consider using a VPN. In the previous tip, it was suggested that you shouldn’t use public WiFi due to unencrypted wireless communication unless you use a VPN. However, a VPN can be useful even if you don’t use WiFi. A VPN will create an encrypted connection for you so that your data is protected before it enters the network. The VPN serves as a secure tunnel between your device and the Internet. Note that not all VPN service providers are the same; a VPN provider that is not trustworthy is no better than just connecting straight to the public WiFi hotspot and in fact could be worse if the provider is malicious or becomes compromised. Make sure that you shop around and do research on your VPN service provider to ensure that the provider is trustworthy. An important consideration when traveling is whether or not the VPN client can prevent traffic from leaving your mobile device before the secure tunnel has been established. This feature provides extra assurances that no sensitive data will be exposed to a malicious wireless operator.
  5. Password protect your phone with a PIN or better yet a passphrase. Devices can be easily lost or stolen. This is never a fun event. In the unfortunate event that your device goes missing, keeping it secure with a PIN or passphrase will prevent malicious actors from accessing the physical device and then stealing your personal information.
  6. Encrypt your device. Similar to having the device PIN protected, encrypting the device adds a layer of protection to your data in the event that a malicious actor gets access to the physical device.
  7. Consider using the vendor provided GPS-based device location service. In the event that you lose your device, you can find the device or even remotely wipe it if you are worried about data loss. For those with Android devices, ‘Android Device Manager’ or the recently released ‘Find Device’ apps are both tied to your Google Account, while Apple users can use ‘Find My iPhone’, tied to their Apple ID.
  8. Prior to leaving your home network, you should configure any applications that you think you will require while you are out and about. For example, if you plan on using Uber, make sure that your Uber account is setup and that your payment information is configured. Not only do you avoid transmitting that payment information while you’re out; you avoid anyone reading off your credit card number as you enter it.
  9. Enable 2FA (two-factor authentication) for applications that support it.
  10. If you need to use your mobile device as a personal hotspot, ensure that the hotspot name reveals no personal details, use a strong password, and monitor the number of connected devices to ensure that no one else is accessing your connection.

So. whether it’s a two-week Griswold family trek, a quick weekend getaway, or a staycation close to home, stay safe and have a blast.

SANS White Paper: Security Basics
  • Lydia Walker

    My device’s software is up-to-date are WiFi and Bluetooth interfaces off when they are not in use, I always avoid using public WiFi hotspots wihout using my VPN Ivacy, i have a pin password to protect my phone, pretty much what i need to do is
    configure applications and enable 2FA (two factor authentication) for applications that support it.