Security Should Never Be on Holiday July 3, 2018 Cindy Provin More About This Author > For many organizations, July and August are synonymous with holidays. And, while we all want to disconnect, no one does this completely given how connected we all are. Some successfully disconnect from work, but if they check the news on their phone, call an Uber, watch Netflix on an iPad or sign up for a yoga class via an app, they are still very much connected. As the head of a security company I’m hypersensitive about the security of my personal and company data. I know that in the age of devices we use interchangeably in our work and personal lives that unless everything you are doing is secure, nothing is secure. I also know what it takes to truly secure the sensitive information on my smartphone, tablet and laptop so it doesn’t get in the wrong hands or serve as a trojan horse for a data breach. I appreciate I’m in the minority because of what I do. Hackers are smart and motivated, security is complex and both are evolving at a rapid pace. And security professionals are doing their best to stay on top of this and protect their companies’ sensitive data. Add to that, the challenge of making sure all employees have an awareness of the role they can play as the accidental source of a breach as they are living their digital lives. Companies must be vigilant when it comes to security – for the sake of their employees’ wellbeing, their customers as well as the organization’s critical information. The first line of defense is education. The more employees know about cybersecurity the more an organization can reduce the risk of vulnerabilities. With people scattering to beaches, mountains, rural areas and bustling cities, foreign countries and local hideaways, the time is right to increase awareness of the risks they will encounter and provide tips to help them practice good security hygiene. My colleagues and I apply these best practices as routine. They’re easy and can save a lot of time, energy and money in the long term. Get your devices ready for the road. Updates may seem annoying and time consuming but more likely than not they are patching a security hole or enhancing the security of your device. Make sure all of your devices are updated and patched. Avoid “Free Wi-Fi” whenever possible. Free networks are insecure networks. The minute you connect to a free network be 100% confident someone is lurking and waiting to access your information, unbeknownst to you. To protect yourself make sure your device is not set to automatically connect to a Wi-Fi network – make your decision to connect in real time. If you have no choice, never access personal, financial, health or company information while on a free network. Stay away from shared computers in business centers, libraries or coffee shops. If you need to log on from a device that isn’t yours, make sure you don’t inadvertently let the browser save any login information you use, that you close all browsers and delete any files or information you might have created or moved to the computer from a USB. The point is to remove any trace of you on the computer. If you’re not careful, the next user may access your airline account and book an exotic vacation for themselves or worse. You’ve heard it a zillion times, but it’s still prevalent. 12345678 and “password” are not strong passwords. And in today’s world of sharing our lives on social media, neither are birthdays, spouses, kids and dogs names or your favorite restaurant. To develop a strong password use a phrase and add some numbers and symbols – but make sure it’s not a quote from your Facebook page! While enjoying your holiday, always remember, even if you think you’re not carrying critical information, you definitely are. In today’s world anything can be sold on the dark web and the more information about you, the better chance it’s purchased. That information – as mundane as the street you grew up on or as critical as your medical records – has a price and a buyer. I saved the best for last as encryption is what we do at Thales, we protect the most sensitive data for organizations around the globe. And, if I could leave security pros and companies one parting piece of advice, encryption is your friend, embrace it. In today’s world where data is accessed anywhere from almost any device at any time, it’s essential that organizations not only encrypt important data but instruct employees on how to keep that data safe and out of nefarious hands. I encourage you to take a closer look. Just as hackers have upped their game, the tradeoffs between today’s superior encryption and what you thought were issues are now much less significant. Organizations must help employees stay safe. Like stopping at a red light, safety is learned through practice and security hygiene should be practiced until it becomes second nature. Please feel free to leave me a comment below on what you’re looking forward to in 2018. You can also find me at @CindyProvin Visit this page to subscribe to our newsletter to receive the latest data security research, insights from our blogs and other resources.