Pagoda Blog

Must-Know Cybersecurity Tips for Traveling Employees

December 15, 2022

If you’ve adopted a remote or hybrid workplace, odds are your employees will sometimes take their work with them when they travel. This flexibility is both the beauty and the danger of remote work, especially with so much of our data now residing in the cloud. You can access what you need for the job from anywhere with an internet connection, allowing employees to tap into the company network from an airport, cafes, vacation rentals, or mom’s house. 


While we don’t think you should discourage working outside of the company or home office, we do recommend that all employers educate their employees around essential cybersecurity practices to keep company data safe while working offsite. Below are 12 must-know cybersecurity tips for traveling employees that all businesses should incorporate into both their overall cybersecurity strategy and BYOD policy.  


1. Protect devices with 2FA or MFA

Two-factor or multi-factor authentication requires two or more forms of identification to log-in to a device or account. This extra layer of security makes it that much harder for an unauthorized party to gain access to your data.  


2. Have a strong password policy in place

Implementing 2FA or MFA will certainly strengthen the security of your devices while traveling, but adhering to a strong password policy is essential as a first line of defense. Check out these 6 password best practices to ensure your employees have impeccable password hygiene before they begin packing.   


3. Never use unprotected public Wi-Fi 

Public Wi-Fi is notorious for its lack of security measures. The connection is vulnerable to interception by anyone else who’s using the Wi-Fi — and that could be quite a few people if it’s the public Wi-Fi offered in an airport or hotel. Instead, you should always establish a safe network connecting through a VPN (see below).   


4. Establish a safe network 

If you must use public Wi-Fi, how can you make it safe? Always establish a safe network connection when traveling by using a VPN (Virtual Private Network). This encrypted internet connection makes your data unreadable should it be intercepted by a cybercriminal and prevents your online activity from being traced back to your device.  


5. Always update your software 

Security patches and software updates are most effective when they’re downloaded immediately upon notification. This is because they are designed to strengthen your defenses against security threats discovered after the original software was built and deployed. When you fail to adhere in a timely manner to software updates, you put your company’s entire network at risk, as well as others inside your network who may use the same software. Learn more about why you should always download the latest security patches and software updates


6. Don’t over-share in your OOO message

It’s common practice to include your length of time away and even where you’re traveling to in an out-of-office message. While these details can seem innocuous and even helpful to trusted connections trying to get in touch, they can also open you up to phishing attacks. In a phishing attack, a cybercriminal uses personal information to send a message from your email address that includes a malicious link or attachment or convinces the recipient to share sensitive information. Instead, keep the OOO message brief, only indicating that you are away and who your contacts should reach out to if it’s an urgent matter. 


7. Use 5+ digits for your phone’s passcode

A simple way to make it harder for someone to gain access to your smartphone is by using 5 instead of 4 digits for your passcode. Using a mix of letters and numbers will make it even more secure. Better yet? Use a form of passwordless authentication like fingerprint or facial recognition. 


8. Don’t store sensitive information on your phone

Even when your phone is protected by a strong passcode, you should be careful about what sensitive information you store on it. You should never store passwords, PINs or credit card numbers in unprotected apps like Notes. Instead, use a secure password management system like Passportal


9. Enable Find My iPhone or Find My Device 

While traveling, it’s much more likely that you’ll misplace your phone. Enabling Find My iPhone or Find My Device will help you locate your phone faster, hopefully getting you to it before it falls into the wrong hands. If you can’t retrieve it quickly, this feature also allows you to remotely erase your phone’s data.    


10. Secure screens with privacy filters

When using a smartphone or laptop in public, “shoulder surfing” (when someone nearby gains access to sensitive information simply by looking at your screen over your shoulder) becomes a real threat. The best defense is to first limit the sensitive data that you access when in public. It’s also helpful, however, to use a privacy filter. This is simply a polarized plastic sheet adhered to your screen, making it harder for unauthorized parties to view your online activity. The catch is that the filter only effectively masks your screen when looking at it from the side. If the person looks at your screen head-on, they may still be able to see what you’re up to.   


11. Inform employees what to do in the event of a data breach 

Should an employee suspect that company data has been compromised while traveling, it’s important that they know what steps to take to mitigate the damage. Providing cybersecurity awareness training to all employees on a regular basis helps to ensure that everyone knows what to do when a device is lost, hacked, or infected with malware. The first step should indicate who needs to be alerted to the incident and what information must be provided for the designated response team to effectively contain the breach. 


12. Get cyber liability insurance 

You can never fully protect your company from a data breach which is why we always recommend investing in cyber liability insurance. This insurance can buffer your business from the long-term damages of a data breach, including hefty legal fines and other associated costs.   


Education is key 

Educating your employees on best remote-work cybersecurity practices can greatly reduce the risk of a data breach. You’ll also find that employees are more receptive to trainings, reminders, and policies if you take the time to cultivate a cybersecurity culture at your workplace. If you need help implementing cybersecurity trainings or creating a cybersecurity strategy for your business, schedule a free consultation with one of our IT experts today. 


Feature photo by Anete Lūsiņa on Unsplash

Related reading: 

Is it Safer to Check or Carry-on Lithium Batteries? 

These Simple Tips Could Extend the Life of Your Laptop

Are Cookies a Privacy Threat? What Are Cookies and How to Manage Them


Want to get more posts like these once a month in your inbox? Sign up for the Pagoda newsletter and sharpen your technical skills, from cybersecurity to digital marketing



Want IT to serve you better?




About Pagoda Technologies IT services

Based in Santa Cruz, California, Pagoda Technologies provides trusted IT support to businesses and IT departments throughout Silicon Valley, the San Francisco Bay Area and across the globe. To learn how Pagoda Technologies can help your business, email us at to schedule a complimentary IT consultation.


Return to Pagoda Blog Main Page

As your trusted IT service partner, Pagoda Technologies is here to help you achieve your near and long-term business goals through reliable and affordable IT support. 

Pagoda Technologies

101 Cooper Street

Santa Cruz, CA 95060


Contact us for a free IT consultation



Get in touch 

Join our newsletter

Want IT to serve you better? 




Follow Us

Facebook LinkedIn LinkedIn