With 80% of holidays now being booked online, cybersecurity has become a rising challenge within the Travel Industry. Hackers are taking advantage of the recent pandemic and are targeting vulnerable companies with stretched IT resources, putting the travel industry under more strain from cybersecurity threats than ever before. Cyber criminals are taking advantage of our increased reliance on digital tools as millions of us are spending copious amounts of time online, working from home and relying on our phones, laptops and other devices to stay connected. This blended work and home life means that the lines are blurred more than every before; it requires more awareness around potential cyber threats, understanding personal responsibility while working at home, as well as businesses having a secure cyber environment for their employees to operate in.
This new normal means that work and homelife is now merged, personal phones are used for business calls and business data is stored on personal devices. Although employees have a personal responsibility to keep business data safe through online safety practices; businesses also have a responsibility to create a secure cyber infrastructure for them to work within. We’ve put together some tips for employees as well as some tips for a secure cyber environment for businesses.
So what should you do as an employee to stay safe online?
Ensure you have a different password for your main personal email – Your personal email account contains some of your most personal information, from your online orders through to bank statements and updates. Your email is the gateway to all of your online accounts, such as Netflix, Amazon and even social networking sites. Once this email is hacked, all other passwords could be reset and therefore become inaccessible.
Create a strong password using three random words – Weak passwords can be hacked in seconds; and the longer and more complicated your password is, the harder it is to hack for cyber criminals. One of the best ways to make your password stronger is by using a random sequence of three different words, all unrelated, that you find easy to remember in the future. This sequence of random words can then be made even stronger by adding numbers and special characters; but ensure this is something you will remember. Do not make a note of this password and leave it lying around or store it on your phone.
Save your passwords in your browser – As previously mentioned, using the same password for all your accounts can leave you extremely susceptible to further attacks – if that password is stolen, all your other accounts follow. It is not always easy remembering lots of passwords; but a solution to this is saving each different password in the browser.
Utilise multi-factor authentication –Multi-factor authentication is an extra layer of protection used to ensure the security of online accounts beyond just a username and password. MFA reduces the risk of you being hacked, by asking you for a second lot of information from you, such as a text code when you log in, or a memorable word or place. Check all of your online accounts and apps you may use to see if they offers 2FA – If they do, turn it on as soon as possible; start with the account you care about most, such a banking, email and social media.
What should I do as a business to ensure my sensitive data is protected?
Provide employees with user awareness training – Human beings are considered the weakest link in any organisation’s digital security system; they make mistakes, forget things and often fall for fraudulent practices. User awareness training involves a formal process of educating all your employees about how to handle computer security. This is a highly is an effective way of educating employees on particular topics to ensure proper procedures are followed, thereby reducing risk and keeping your organisation’s data safe.
Protect personal and business devices from malware – Devices, both company-owned and personal, are synchronised with the corporate network to gain access to official information. This information needs to be guarded in several different ways, but mainly with encryption, anti-virus and a decent firewall. Device encryption is the process of scrambling text to render it unreadable to unauthorized users, therefore keeping data safe from cyber criminals. Antivirus software will scan, detect and prevent any kids of suspicious files and software; it may prevent further attack by deleting the infected file, isolating it or monitoring the Internet traffic. A firewall acts as a shield between your network and the world wide web. It monitors the incoming and outgoing traffic from the system and prevents the suspicious packets from entering/leaving the network.
Back-up data – The purpose behind online backup is simple and straightforward: To protect the business information from theft, fire or another kind of disaster. An online backup service is beneficial for businesses because it enables you to gain access to your data without restrictions on time or location. Several copies of data keep safe in different locations to give you the assurance that all your information has protection in case an unfortunate incident occurs. If you rely on conventional IT storage methods in one location, you risk losing all your data and being unable to recover it.
Provide email protection – Phishing scams are among the most sophisticated and currently rife in the travel industry; for example, attackers creating fraudulent holiday refunds emails or insurance scams to cover or recover money spend on lost trips. Email protection software sits on your employee’s devices and helps defend your business against inbound spear-phishing, malware and spam emails entering your employees inbox.
Working practices are becoming more fragmented and adopting good online safety polices has never been more important.