Share news article

Share on facebook
Share on twitter
Share on linkedin
Share on email

What Are the Risks of Employees Going on a 'Hybrid Holiday'?

Many employees are requesting a “hybrid holiday” — where longer holidays are booked with the intention of spending time working remotely from the travel destination. In a Virgin Media O2 survey from earlier this year, 76% of workers polled said they were considering adding remote-work days around their annual leave to extend their time away.

Question: What are the risks of employees going on a hybrid holiday?

John Ayers, Interim CISO and Vice President of Product, Advanced Detection, & Response at Optiv: Threat actors are like any other criminals — they do reconnaissance, and social media has become the best recon tool in the trade craft. With employees now looking to combine work with holiday plans, this has only increased the security risks for users and their companies.

Let’s take an example of going overseas to Rome. It’s a nice place to visit, but you also need to work. First, Internet is not a “like for like,” meaning the type of access you would have there is not like yours at home. Yes, we all have been led to believe coffee shop and hotel Wi-Fi is OK to use since COVID — but it is not.

Second, not all locations are friendly. Most companies should be deploying, or have already deployed, geo-blocking in order to prevent employees from connecting in countries or locations with high risk or out of the US. Geo-blocking is a great tool to prevent and deny all access from a region. Most CISOs today need to protect access to data, which means denying access from devices based on location. They are trying to prevent MitM (man-in-the-middle attack). Why is that important? MitM employs someone setting up an access point that might not be what you think it is.

Each time you fire up the laptop or mobile device and log into Amazon or your work email, you are practicing what we call “data in motion” using the rogue Wi-Fi connection, which is now collecting all that data.

The risks here are:

  • Location. You now are advertising where you are.
  • Browsing history.
  • Purchasing. Yes, the credit card you used was just compromised. How do you avoid that? Tether your device and get an Internet plan with a secure option. I have used TEP Wireless because it grants me access wherever I go using an always-on VPN. Check with your company about traveling — especially out of the country.

So, the next time you try to take vacation and look to access your company’s email and OneDrive, remember this: Using public Wi-Fi is like buying sushi at a gas station — you never know how sick you will get until you consume it.

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.


Related News

Top 6 Cell Phone Tracker Apps for Parental Control

Top 6 Cell Phone Tracker Apps for Parental Control

Do you have difficulty knowing what your kids are up to when you’re not around? Do you want to ensure…
Moses Staff Hackers Publish Footage of Jerusalem Explosion

Moses Staff Hackers Publish Footage of Jerusalem Explosion

In a dramatic series of events, an Iranian hacker group by the name of Moses Staff published footage of the…
Watch Out Gamers: Hackers Exploiting MSI Afterburner to Deliver Coin Miner

Watch Out Gamers: Hackers Exploiting MSI Afterburner to Deliver Coin Miner

Cyble Research & Intelligence Labs (CRIL) recently uncovered a phishing campaign used by threat actors to deliver cryptocurrency miner softwares…