
International Business Travel Exposes Workers to Heightened Data Breach Risks – Learn 4 Tips to Reduce Cyber Risks

June 28, 2019


A harsh reality for any employee who travels frequently for international business is that computing activity on your phones, laptops, tablets, and even your Bluetooth devices is just not safe. For those of you who are unfamiliar with these cybersecurity risks, the simple recommendation, which should be cemented within any business’s travel policy and IT security awareness training, is to connect only to “trusted” networks in foreign businesses and hotels. Even then, substantial risks remain, ranging from man-in-the-middle (MITM) attacks to compromised networks that are leaking data. Foreign networks that you think you can “trust”, like your favorite hotel chain, are really “untrusted” and must always be connected to with caution.

The question for frequent business travelers is: “What precautions should I take to protect both personal and corporate assets when traveling?”

The risks are not equal across all geolocations. Some regions warrant extremely cautious security measures, such as using burner phones and nearly disposable laptops. Certain countries pose acute risks, and it should be a foregone conclusion that, if you connect your device to the Internet in these countries, you will be monitored and your device potentially “owned” with surveillance malware. Corporate employees visiting such regions should be aware of the risks, and, hopefully, your information technology department and security teams are prepared with burner equipment every time you visit these nations.

The reality of international business travel is that connected computing is not safe. Certain behaviors that we take for granted while operating in our home countries pose more substantial risks when traveling abroad. Consider the following:

1. The websites of certain domestic airlines (like Southwest Airlines) are not reachable over the Internet when traveling abroad in many Asian countries. The only ways to access these websites are:

a. through a virtual private network (VPN) that routes all traffic through the corporate environment so you appear to be in the correct region, or

b. through an authorized travel service like Expedia.

While this is not necessarily a risk, not all Internet traffic is treated equally in all regions of the world. Visiting your favorite websites when traveling may be monitored, restricted, or even illegal.

Tip 1: Consider how and where you web surf when traveling and be mindful of any shopping you do as well. Items like CBD oil, firearms, and even personal adult items purchased abroad from your favorite websites and shipped to your home, may be illegal for purchase in a foreign country.

2. As international business travelers, we tend to carry a few Bluetooth accessories. When paired with our phones or tablets, they are not a high risk. However, if they automatically enter pairing mode when turned on and no device or previous connection is available, they are a risk. A threat actor could connect to them without your knowledge and leverage the device until it is powered off or falls out of range. Many of these devices act like an always-listening microphone, and, if your favorite Bluetooth speakers are left powered on in your hotel room, they could be used to eavesdrop on your conversations. This is not farfetched. If you have any doubts about this, randomly open your Bluetooth connection utility from time to time and see what is openly available to connect to, even without a PIN. You might be very surprised!

Tip 2: Turn Bluetooth off whenever you do not need it. Most importantly, do not connect your phone via any Bluetooth device you do not plan to utilize in the short term. By turning off connectivity to all devices not actively being used, you prevent possible surveillance and hijacking attacks. This even concerns rental cars, cabs, and other shared resources. And, if a message appears on your phone, tablet, or laptop to pair a new device or receive files (like using iPhone AirDrop), cancel the request immediately and disable the service until needed.

3. Consider the risks of WiFi. When traveling internationally for business, we still need to maintain connectivity to email, applications, and other internal and cloud resources. Many applications and basic services are now readily available in the cloud. However, just because we have WiFi does not mean we should use it to directly access these cloud resources. They may be hosted in another country and that communication, including its authentication, could be monitored or compromised.

Tip 3: We need the appropriate security layers to protect our credentials from being stolen and to keep applications from leaking data. Organizations should enforce multi-factor or two-factor authentication on all sensitive resources, including email, to prevent account hijacking. In addition, access to any applications and resources should be restricted using access control lists (ACLs) and context-aware security from all foreign geolocations unless the traffic originates from your home offices or is routed through a VPN. This will ensure all traffic is encrypted, difficult to sniff or monitor, and that potentially hijacked devices cannot perform inappropriate monitoring.
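The access rule in Tip 3, written out as a small policy evaluator. This is an added illustration, not BeyondTrust code; the CIDR ranges (documentation address space), the home country, the `SignIn` fields, and the sample events are all constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass

# Constructed values (assumptions): documentation-range CIDRs stand in for
# the organization's real office and VPN egress addresses.
HOME_COUNTRY = "US"
TRUSTED_NETS = [ipaddress.ip_network(n) for n in (
    "198.51.100.0/24",  # home office egress (constructed)
    "203.0.113.0/28",   # corporate VPN egress (constructed)
)]

@dataclass
class SignIn:
    user: str
    src_ip: str
    geo_country: str    # resolved from src_ip by an upstream GeoIP lookup
    mfa_passed: bool
    sensitive: bool = True

def from_trusted_net(src_ip: str) -> bool:
    """True when the source address is an office or VPN egress address."""
    try:
        addr = ipaddress.ip_address(src_ip)
    except ValueError:
        return False    # unparseable source address: treat as untrusted
    return any(addr in net for net in TRUSTED_NETS)

def decide(ev: SignIn) -> tuple[str, str]:
    """Return (decision, reason) for one sign-in event."""
    if ev.sensitive and not ev.mfa_passed:
        return "deny", "mfa-required"          # MFA on all sensitive resources
    if from_trusted_net(ev.src_ip):
        return "allow", "office-or-vpn"        # home office or routed via VPN
    if ev.geo_country != HOME_COUNTRY:
        return "deny", "foreign-geo-no-vpn"    # direct access from abroad
    return "allow", "home-geo"

# Constructed sign-in events: the same traveler with and without the VPN.
SAMPLE = [
    SignIn("alice", "198.51.100.20", "US", True),
    SignIn("bob", "192.0.2.77", "SG", True),    # hotel Wi-Fi, no VPN
    SignIn("bob", "203.0.113.5", "US", True),   # same trip, through the VPN
    SignIn("carol", "203.0.113.5", "US", False),
    SignIn("dave", "not-an-ip", "FR", True),
]

def evaluate(events):
    return [(e.user, *decide(e)) for e in events]

if __name__ == "__main__":
    for row in evaluate(SAMPLE):
        print(row)
```

The trusted-network check runs before the geolocation check so that a traveler's VPN session is judged by its egress address rather than by where the device physically is.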

4. When traveling internationally, there is always a higher risk of “shoulder surfing” based on the amount of time someone can see your laptop or tablet screen. If you are not familiar with the concept, shoulder surfing is the simple act of someone looking over your shoulder (they could even be in an airline seat beside you) and potentially viewing sensitive information on your device screen. The longer they can view your screen, the better perspective they may have on your work and private material.

Tip 4: Anyone who travels for long periods of time, especially internationally, should use a privacy filter to restrict viewing of their screen. A privacy filter is a polarized protective layer placed over your screen that blurs visibility of your content across a range of obtuse angles. This prevents unwanted eyes from snooping inappropriately, ensuring you must be right in front of the screen to legibly view the onscreen content. In addition, the larger the laptop or tablet screen, the easier it is for a threat actor to view screen contents from even multiple rows behind you. This, in itself, warrants obscuring your screen contents.

Final words on safe computing while traveling

International travel exposes workers to a high risk of electronic data exposure. Experienced travelers should understand the risks, but newer teams and younger generations may need to consider all the threats, including posting on social media about their personal lives and work when they travel abroad. Hopefully, these recommendations will help some people tune the finer points of cybersecurity when conducting business travel.

Additional Reading

The Perils of VPNs, & How to Minimize Remote Access Threats with PAM (blog)

Manage these 3 IT Security Risks to Keep Your Remote Workforce Secure and Productive (blog)

Top 10 Expert Tips for Securing Vendor & Remote Employee Access (on-demand webinar)

Secure remote access (solutions page)

When a Spear Phisher Came for Me (blog)

Morey J. Haber

Chief Technology Officer and Chief Information Security Officer at BeyondTrust

Morey J. Haber is Chief Technology Officer and Chief Information Security Officer at BeyondTrust. He has more than 25 years of IT industry experience and has authored four Apress books: Privileged Attack Vectors (2 Editions), Asset Attack Vectors, and Identity Attack Vectors. In 2018, Bomgar acquired BeyondTrust and retained the BeyondTrust name. He originally joined BeyondTrust in 2012 as a part of the eEye Digital Security acquisition. Morey currently oversees BeyondTrust strategy for privileged access management and remote access solutions. In 2004, he joined eEye as Director of Security Engineering and was responsible for strategic business discussions and vulnerability management architectures in Fortune 500 clients. Prior to eEye, he was Development Manager for Computer Associates, Inc. (CA), responsible for new product beta cycles and named customer accounts. He began his career as Reliability and Maintainability Engineer for a government contractor building flight and training simulators. He earned a Bachelor of Science degree in Electrical Engineering from the State University of New York at Stony Brook.
