Are you traveling this holiday season? Be smart when using technology on the road!
Avoid Hotel Business Center Computers
Recently, the Department of Homeland Security warned businesses that cyber criminals were infecting the computers in hotel business centers with malicious software designed to record users' keystrokes. The thieves were able to steal usernames and passwords that allowed them access to bank accounts, email, and cloud-based applications. Criminals target these computers because they are easy to infect and most victims are affluent business travelers.
The solution to this security problem is simple: Don't use the computers in hotel business centers to access any of your personal or business information, including email or social networks. If you need to check in for your flight or print a boarding pass, do not enter your credit card or other personal information.
Be Wary of Public Wireless Networks
Accessing a wireless connection from the airport lounge or in your hotel may be convenient and even necessary to survive a long layover, but you need to be aware that public wireless networks, whether they are "free" or "paid" are often insecure.
Before you connect to a public wireless network, or any wireless network that you are not confident is secure, take the following steps:
- Use a Virtual Private Network (VPN) connection if possible (ask your IT person if you have a VPN for your office).
- Avoid using passwords and providing information to websites unless the connection to the website is protected by secure socket layer (SSL), indicated by "https://".
- Turn off any file sharing or public folders.
- Use the "public network" setting if available on your device.
- Make sure you are running up-to-date malware prevention software.
- If you have a personal firewall installed on your computer, make sure it is turned on and configured to block all unsolicited attempts to connect to your computer.
Ease the Pain of Stolen Devices
Smartphones, tablets, and laptops are especially vulnerable when you are traveling. Make sure all of your mobile devices are encrypted. For smartphones and tablets, implement the remote-wipe feature or application so you can protect your data if your device is stolen.
Thanks to Katie Lay of HIPAA Risk Management for this tip. Ms. Lay is coauthor of HIPAA Security: Compliance and Case Studies, available in the TMA Education Center. See also the TMA HIPAA Resource Center to learn more about HIPAA security.
Published Dec. 10, 2014
TMA Practice E-Tips main page