Enterprise security hardships await wherever we travel — especially during summer vacation. Connecting to an organization’s software while on vacation is different from doing so on a business trip. Employees’ mindsets are different; they’re not supposed to be working, but they’re bound to check their email or access that document that just needs a little more attention. In this increasingly digital world, it’s getting tougher for us to disconnect no matter where we are or what we’re doing. This predicament represents a huge security risk for the enterprise.

Guarding Enterprise Data

With the abundance of hacking tactics available to threat actors, it’s easier than ever to launch an attack, especially on public Wi-Fi. For example, pen testing tools like Cain and Abel and WiFi Pineapple can be used nefariously to steal passwords and enable theft of the data protected by them. If employees learn just one thing before enabling the good old out-of-office message, let it be this: Steer clear of public Wi-Fi unless they’re using a VPN.

Although Wi-Fi vulnerabilities tend to garner more attention, it’s also important to remember how easy it is to wreak havoc with Bluetooth. With the average Bluetooth device having a range of 100 meters (over 300 feet), a hacker gets plenty of room to be stealthy. The BlueBorne tool, for example, can attack your phone without touching it. What makes Bluetooth so vulnerable, according to Jerry Irvine, CIO and partner of Prescient Solutions and member of the National Cyber Security Task Force, is the inherent insecurity of the technology.

“For many devices, the passwords are either 0000 or 11,” he said, “so people can get to your device [through Bluetooth] and connect as a keyboard or a mouse or an entry device.” Once connected, threat actors can intercept or download information from your device. Irvine recommends turning off any services you’re not using on your phone until you need them.

Wireless concerns aside, there are many other security pitfalls to consider while on vacation, and employees should exercise caution before invoking their extended out-of-office rule. For instance, at this time of year, there are a lot of travel-related emails and social media links that look legitimate but are anything but. Getting a message offering a chance to save 50 percent on airfare or one free night in a hotel is enticing. But according to Irvine, seven out of 10 of those are phishing scams that could take you to a malicious site that may install ransomware.

“Users need to be very cautious while clicking on the embedded links or attachments,” he said. Instead, he suggested, they should take the extra step to go directly to the airline, hotel or travel site. Even clicking on a link from a search engine results page may lead to an infected website.

And what about when employees are at the coffee shop and nature calls? It’s only going to take two minutes, right? Those two minutes are more than enough time for a well-dressed thief to sit down at the table as if he or she belongs there, pack up a laptop and exit stage left. It’s far too easy, and Irvine hears about it all too often. “It’s simple: Don’t leave your devices alone,” he advised.

A Robust Fail-Safe for Security Risks

One critical security measure for the enterprise is to ensure your employees have — or are correctly using — a mobile device management (MDM) solution. MDM allows companies to manage and enforce security policies as well as detect when a device has been compromised. Security teams can remotely initiate a wipe of the device, ensure employees don’t launch specific apps without a secure connection or disable or remove unapproved applications.

These quick tips only begin to secure the shallows of this deep ocean of potential pratfalls plaguing the enterprise with a lax-minded workforce this summer. Vacation brain is a powerful force, and in this state, security doesn’t receive the mindfulness it requires for success. Humans are and always will be the weakest link in the security chain, and summertime only reinforces the credo. The enterprise must do all it can to take security into its own hands and accept that most employees aren’t putting security first.

Sure, some of the onus is on the employees, but it’s best to err on the side of caution.
