Best Practices for Protecting Employees Abroad From Cyberattacks

Beyond adapting to new cultures and time zones, employees who travel and live abroad face a more pressing concern: the risk of exposure to cyberattacks. Discover how to stay ahead of sophisticated threats with these practical tips and best practices.  

Note: This article originally appeared in the November 2021 issue of Mobility magazine. 

Employees traveling globally face a mounting challenge, beyond working and settling in abroad: personal and professional cyberattacks. To avoid these sophisticated threats, it’s critical that global mobility, HR, IT, and security help travelers take precautions.

Reminders For Data Safety 

If there were a single recommendation to follow for avoiding data breaches, it would be this: Connect only to trusted networks in foreign locations—and, even then, proceed with caution. In other words: Don’t access Wi-Fi just because you can. 

Other tips to protect personal and corporate data when traveling abroad include:

• Use a VPN to connect to the internet. It’s the safest way to connect to a network, since it will encrypt your connection and ensure that your device is secure.
• Use a USB data blocker. Even connecting to a USB power source to charge your device can be risky. A USB data blocker prevents unwanted data transfers or access.
• Issue “burner” phones or “travel-only” laptops. Provide employees with dedicated travel devices containing the minimum amount of data needed for each trip. If an employee must travel with a mobile device that contains sensitive information, consider fully encrypting it. 
• Update devices after international travel. Devices used abroad could be compromised or vulnerable to malware. Travelers should update security software and change passwords on devices before and after returning from international travel.
• Turn off Bluetooth when not needed. Bluetooth accessories, when paired with phones
  or tablets, are not a high risk, but they can be if they automatically enter pairing mode when
  turned on and no device or previous connection is available. Do not connect your phone
  via any Bluetooth device you do not plan to use. Activating airplane mode prevents possible
  surveillance or hijacking in airports, rental cars, ride-shares, cabs, etc.
• Enforce multi- or two-factor authentications. Any applications and resources should be
  restricted, using access control lists and context-aware security, from all foreign geolocations, unless traffic originates from your home offices or is VPN-routed.
• Highlight situational awareness in cyber training. Employees being aware of their physical behaviors while working remotely can limit what people or devices can see or record. 
• Use a privacy filter to restrict screen viewing. This polarized protective layer placed over your screen blurs content across a range of angles, preventing anyone from prying.
• Give packing advice. Companies should encourage employees to “pack data-light” and
  leave unnecessary electronic equipment at home.

Not All Locations Are Equal 

A practical introductory guide that gives an overview of the many laws, regulations, acts, and decrees that regulate data protection and privacy in 30 countries around the world can be found at https://www.caseiq.com/resources/a-practical-guide-to-data-privacy-laws-by-country/.  

Thomas Paton, GMS, is a senior/special projects writer at NEI Global Relocation.