Government // Cybersecurity
Commentary
7/23/2014
09:06 AM
Jerry Irvine
Jerry Irvine
Commentary
Connect Directly
LinkedIn
RSS
E-Mail
50%
50%

Summer Travel Cyber Security Tips For Government Employees

Vacationing as a government employee brings special security concerns. Follow these precautions to protect your devices and data on the beach and beyond.

 Government Data + Maps: 10 Great Examples
Government Data + Maps: 10 Great Examples
(Click image for larger view and slideshow.)

Vacation season is in full swing and so are hackers looking for opportunities to pounce when you're relaxed and your guard is down, especially if as a government employee you might possess extra-valuable information.

The cyber risks begin even before you leave for vacation. Don't be one of those people who announces his travel plans on social media. This information is easily accessed by malicious users hoping to break into your home or work systems to gain access to proprietary and confidential information via remote systems while you are away. This is particularly true for government employees whose systems might be dormant or used by others in their absence.

Resisting the urge to share your travel plans via social media is just the first step in mitigating cyber security risks. Here are some additional tips for government employees who are hitting the road for some needed downtime:

  • When planning a vacation, you should only use websites of known companies. Unfamiliar discount websites can be malicious sites set up to infect you and steal confidential and classified data. Using unknown sites and applications, especially while at work, can hurt the security and performance of governmental systems.

[Net neutrality doesn't have to be a rerun of the Hatfields and McCoys. Read Net Neutrality: Let's Move Beyond Class Warfare.]

  • Never click on links or attachments containing coupons or discounts in emails received from a travel companies or other marketers. Phishing emails contain viruses or redirect you to sites in order to get IDs and passwords. Governmental organizations and agencies are favorite phishing targets. Instead, you should go directly to the website to review promotions and offers.

  • When logging into a website with a user ID and password, make sure it's an "HTTPS" site. Never enter any personal information, especially credit card data, into a website whose URL starts with "HTTP" because it's not as secure. Instead use a payment company or service such as PayPal, Amazon, or Google. Services do not pass your financial information but instead take the payment and transfer money from their systems, protecting your data. Governmental organizations might also provide purchasing cards or purchase orders for authorized travel.
  • Notify your credit card companies of your travel dates and locations so they can watch for unauthorized activity and alert you of any usage outside of your travel areas. You should also set up multi-form factor authentication on your accounts. This will send separate emails or

Next Page

Jerry Irvine is a member of the National Cyber Security Task Force and the CIO of Schaumburg, Ill.-based Prescient Solutions, an IT outsourcing firm. View Full Bio
Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
BobH088
50%
50%
BobH088,
User Rank: Apprentice
7/25/2014 | 9:24:37 AM
security solution?
One of the most common causes of data getting in the wrong hands is the loss of mobile devices that often contain a frightening amount of private information. I want to share a protection option that worked for me. Tracer tags (mystufflostandfound.com) let someone who finds your lost stuff contact you directly without exposing your private information.  I use them on almost everything I take when I travel like my phone, passport and luggage after one of the tags was responsible for getting my lost laptop returned to me in Rome one time.
asksqn
50%
50%
asksqn,
User Rank: Ninja
7/23/2014 | 6:37:40 PM
Whither protection of sensitive data?
Allow me to ask about the 500 lb elephant in the room not being addressed - why would a government employee in the possession of sensitive information be taking his or her (no doubt) agency owned electronic device with him on vacation in the first place?  An even better question is why the heck is the device permitted to leave the office at all?  This sure puts firmly into perspective all of those stolen unencrypted, employee laptops containing social security numbers the VA and other government agencies keep losing.  
Cyber Security Standards for Major Infrastructure
Cyber Security Standards for Major Infrastructure
The Presidential Executive Order from February established a framework and clear set of security standards to be applied across critical infrastructure. Now the real work begins.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Must Reads Oct. 21, 2014
InformationWeek's new Must Reads is a compendium of our best recent coverage of digital strategy. Learn why you should learn to embrace DevOps, how to avoid roadblocks for digital projects, what the five steps to API management are, and more.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
A roundup of the top stories and trends on InformationWeek.com
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.