You May Be Ready for Vacation, But Is Your Phone?

Even if you plan to leave your laptop at home, you’re likely lugging plenty of internet-connected devices along with you on vacation. Unfortunately, those same devices that may be your fun-enhancers could be targets for hackers.

“The issue is not that cybersecurity extends beyond computers; it is that computers extend beyond traditional laptops and desktops. Many electronic devices are computers—from cell phones and tablets to video games and car navigation systems,” according to a tip sheet from the Cybersecurity and Infrastructure Security Agency. “While computers provide increased features and functionality, they also introduce new risks.”

Before You Leave the House

If you don’t practice cybersecurity basics, vacation is a good time to start. Make sure all of your devices’ software is up to date to protect against known vulnerabilities, then make sure you have a strong password or passphrase and use some form of multifactor authentication. Those are basics, but they’re effective. A recent Google study found adding a recovery phone number to your Google Account can block up to 100% of automated bots, 99% of bulk phishing attacks, and 66% of targeted attacks.

While you’re at it, a little digital spring cleaning is a good idea. Remove apps you no longer use and back up your devices. James Slaby, director of cyber protection at Acronis, suggests the 3-2-1 rule: Keep three copies of your data. The first copy is the data on your device plus two copies on different media (like an external USB device). Keep one of those copies offsite (like in the cloud or an external drive in a storage unit) to protect your data from physical catastrophes like fires or flooding. Or, in this case, if you lose your device traveling.

“Backups are the simplest way to protect your digital life,” Slaby told Nextgov. Ideally, you should set your devices to automatically backup so you never forget.

Let’s Connect. Or Not.

CISA is clear about what to do with public Wi-Fi: Don’t use it to conduct personal business, bank or shop online. If you can’t resist the urge, CISA says to turn off your Wi-Fi and rely on your phone’s data. For other uses, confirm the network’s name is legit and only visit sites that begin with “https.”

CISA also suggest turning off Bluetooth when you’re not using it. The same communications tech that allows you to use wireless earbuds can be used to steal information from your device or spread viruses. CISA recommends making sure your Bluetooth is in “hidden” mode (instead of “discoverable” if you are using it). Something to think about, smartwatch users.

And while that battery charger in the airport may look like a lifesaver, CISA recommends avoiding any charger that you don’t control. Malware can pass through USB cords, so it’s better to use your own charger even if that means fighting over the lone plug.  

What to Know in Airports

The Transportation Security Administration expects more than 263 million people to pass through security checkpoints between now and the end of summer. For most people, that means pulling your laptops and other devices out of your carry-ons unless you’re enrolled in  TSA Precheck or another Homeland Security Department trusted traveler program such as Global Entry.

Passengers at select airports—including Ronald Reagan Washington National Airport and Washington-Dulles International Airport—may get to leave their laptops in their bags while TSA tries out computed tomography in some screening lanes.

At the border, Customs and Border Protection officials have broad authority to search electronic devices without a warrant or probable cause. In 2017, more than 30,000 people had their phones, laptops and tablets searched before they could enter or leave the country. If this freaks you out, follow the Center for Internet Security’s advice for traveling and use a new or reimaged phone and change all your passwords before traveling and again when you get home.

Here’s the Thing About Rental Cars

These days, cars are basically computers on wheels. While it may be tempting to sync your device with a rental car, the Federal Trade Commission recommends being cautious.

“If you connect a mobile device, the car may also keep your mobile phone number, call and message logs, or even contacts and text messages. Unless you delete that data before you return the car, other people may view it, including future renters and rental car employees or even hackers,” FTC lawyer Lisa Weintraub Schifferle wrote in a blog.

FTC says to use a charger plugged into a cigarette charger instead of the car’s USB to avoid incidental data transfer. If you do opt to connect, be sure to check permissions and only allow access to the data your plan to use. When you’re done, delete your data and unpair your device.

Just in Case

If you think an account has been compromised, contact that applicable bank, credit card or company. You can also find additional information at IDtheft.gov.