According to a new report by Kaspersky, business travellers are more at risk of data theft. About 30% of senior business managers “have been hit by cybercrime while abroad”, according to a survey of 11,850 employed individuals who had travelled abroad for business and leisure in the past year. Jonathan Sander, VP of Product Strategy at Lieberman Software commented below.
Jonathan Sander, VP of Product Strategy at Lieberman Software:
“The Kaspersky report citing business travelers as being more of a target than others has an interesting twist to its thinking. Essentially, they seem to be more easily targeted because they use insecure networks and are under pressure to stay connected. But bad guys don’t target like that. If they are sweeping and collecting information from insecure networks, they aren’t likely to be looking for specific people to capture. Rather they are likely to drag in everything they can get and sort it out later. Naturally, a corporate target which promises big databases of user data and all the other goodies bad guys want behind the firewall rises to the top of the heap. Now, do bad guys prefer to sweep the open networks at airports because they are more likely to find that kind of data? Are they dropping key loggers onto hotel business center computers hoping to catch the person who can’t get on WiFi but needs to get that one critical email? Absolutely.”
There are three things that people and organizations can do to protect their users as they connect with critical resources from unknown points as they travel.
First, users need to be educated and enabled to make good network choices. Often business travellers will connect to the open WiFi at the airport because their mobile data service isn’t working when they land. Organizations are being penny-wise and security foolish when they don’t allow users to have some mobile data as they roam. Now, of course you want to tell users to use WiFi when it makes sense, but part of what should make is sensible is that it seems secure. How secure it needs to be likely depends on your organization’s tolerance for risk.
Second, everything that users would connect to remotely should use multi-factor authentication. If you’re using a simple username and password and the bad guys capture that, then it’s game over. With multi-factor you can be sure you’ve done your best to combat the simple attacks where users’ credentials get hijacked.
Third, you should ensure that everything the users might connect to on the run is using encrypted communications. That may mean using a VPN. But as organizations increasingly migrate to cloud, it may mean a portal using secured web communications, too. In fact, these portals can also be the choke point where you apply multi-factor to systems that may not support it directly – giving you the triple crown of cloud convenient apps, multi-factor protected authentication, and secure encrypted communications.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.