Government // Cybersecurity
Commentary
7/23/2014
09:06 AM
Jerry Irvine
Jerry Irvine
Commentary
Connect Directly
LinkedIn
RSS
E-Mail
50%
50%

Summer Travel Cyber Security Tips For Government Employees

Vacationing as a government employee brings special security concerns. Follow these precautions to protect your devices and data on the beach and beyond.

    texts to you with additional passcodes for you to use when logging in. This added security measure decreases the risk of someone getting into your accounts. You can also set up other alerts on your accounts to send emails or texts for transactions over specific amounts. This will provide you with a warning should your cards or information be lost or stolen.
  • Every coffee shop, restaurant, hotel, and even some government facilities now offer free, publicly accessible WiFi. Although they might be convenient, beware using these hotspots. Using "man-in-the-middle" techniques, hackers can redirect your WiFi traffic to their PC and steal all of your IDs, passwords, and financial information.
  • International travelers are even more at risk because hackers know you have little knowledge of international sites. Many sites containing viruses and malware are directed to unsuspecting travelers advertising inexpensive transportation, tours and discounts. Government employees with remote access to their offices who access these sites can put data and systems at risk of denial of service, loss or corruption of data, and even remote control of systems. Similarly, many tourist attractions and tours offer mobile tour apps for installation on your smart phone or tablet. Stay away from these apps; you should install only the apps in your mobile device manufacturer's online store. Installing apps outside app stores increases the risk of a hacker infecting your mobile device, obtaining all your personal information, and gaining remote access to government facilities systems and data to which they are connected.
  • The most obvious security risk is device theft. With physical access to your device a cyber criminal can break your password in minutes. It might be tempting to take a quick dip while leaving your tablet or smartphone on the beach towel or chaise lounge but it's plenty of time for someone to walk away with it. Don't leave your laptop or phone unattended in a locked hotel room or in your car. Most hotels provide an in-room safe for your valuables: use it.

Cyber crime isn't limited to device data theft, of course. Travelers are also vulnerable to credit card crimes and theft of their financial information. Be wary of ATMs and POS systems. You should use only the devices of companies you know. Cyber criminals have gone as far as to place counterfeit ATMs in public areas to get credit and ATM card data and PINs.

Even when using known companies' machines you should be careful. Cyber criminals frequently place "skimmers" in ATM and POS systems to gather unsuspecting users' personal data. Look closely at the machine to see if there are unusual or loose parts on it. Plastic card readers might be pushed into the card reader to gather your data and transfer it wirelessly. If an ATM or POS system looks strange in any way, do not use it and notify the company.

Finally, never let your credit or ATM card out of your sight. Waiters and cashiers should be able to use portable devices at your table so you can see what they are doing. Portable "skimmers" are easily acquired from the Internet and your service person could steal all your information with a single swipe of your card.

Losing your personal information or devices to thieves affects not only you but your organization or governmental facility. Fortunately, observing these precautions can keep vacation time the carefree downtime you deserve.

Join us at GTEC, Canada's government technology event. Over 6,000 participants attend GTEC -- Government Technology Exhibition And Conference each year to exchange ideas and advance the business of information and communications technology (ICT) in government. Don't miss thought-provoking keynotes, workshops, panels, seminars, and roundtable discussions on a comprehensive selection of ICT topics presented by leading public sector and industry experts. Register for GTEC with marketing code MPIWKGTEC and save $100 on entire event and conference passes or for a free expo pass. It happens Oct. 27 to 30 in Ottawa.

Jerry Irvine is a member of the National Cyber Security Task Force and the CIO of Schaumburg, Ill.-based Prescient Solutions, an IT outsourcing firm. View Full Bio
Previous
2 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
BobH088
50%
50%
BobH088,
User Rank: Apprentice
7/25/2014 | 9:24:37 AM
security solution?
One of the most common causes of data getting in the wrong hands is the loss of mobile devices that often contain a frightening amount of private information. I want to share a protection option that worked for me. Tracer tags (mystufflostandfound.com) let someone who finds your lost stuff contact you directly without exposing your private information.  I use them on almost everything I take when I travel like my phone, passport and luggage after one of the tags was responsible for getting my lost laptop returned to me in Rome one time.
asksqn
50%
50%
asksqn,
User Rank: Ninja
7/23/2014 | 6:37:40 PM
Whither protection of sensitive data?
Allow me to ask about the 500 lb elephant in the room not being addressed - why would a government employee in the possession of sensitive information be taking his or her (no doubt) agency owned electronic device with him on vacation in the first place?  An even better question is why the heck is the device permitted to leave the office at all?  This sure puts firmly into perspective all of those stolen unencrypted, employee laptops containing social security numbers the VA and other government agencies keep losing.  
Cyber Security Standards for Major Infrastructure
Cyber Security Standards for Major Infrastructure
The Presidential Executive Order from February established a framework and clear set of security standards to be applied across critical infrastructure. Now the real work begins.
Register for InformationWeek Newsletters
White Papers
Current Issue
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of June 21, 2015.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.