Dream Firms Talks 04/2023


Topic: Basics / Cyber Security While Traveling

Basic Security

  • 12 Character Minimum for all passwords
    • Anything 8 characters or less is vulnerable to immediate brute force attacks
    • Complexity – Must include: 
      • Upper Case Characters (ASDF…)
      • Lower Case Characters (asdf…)
      • Numbers (1234…)
      • Symbols (!#$%…)
    • Last Changed – Change at least Twice a Year best practice
  • Businesses should use Premium Business versions of Anti-Malware software
    • Premium Version on every work system
    • BitDefender or Malwarebytes are both good options
    • Make sure it is updated regularly
  • Don’t use Gmail as your business email. Businesses should have their own domain
  • Employee training is a very important part of your Cyber Security plan. Training frequency should be at least twice a year
  • Monitor your internal networks and systems for alerts and changes.

Cyber Security – On the Move

  • Mobile Computing takes you and your devices away from your secure, corporate environment and exposes them to a host of dangers. Some best practices will help mitigate the risks

Device Security

  • Backups
    • Backup your system before traveling
  • Protect Your Screen
    • Prevent unwanted eyes on your screen while working
  • Unattended Device
    • Never leave any device unattended
  • Lock Your Device
    • Set up lock codes on all devices and don’t leave the screen unlocked when not in use
  • Encrypt Your Device
    • All sensitive files should be encrypted at rest
  • Use MFA (Multi-Factor Authentication) 

Public WIFI vs Hotspot

  • Hotspot – the safer alternative
    • Most cell phones and plans support this now
    • Creates a WIFI signal just for you with a password you create
    • Cellular retailers offer hotspot devices that can be added to your company cellular plan if you want to share amongst travelers
      • Our accounting firm uses these when doing remote fieldwork for audits
  • Public WIFI
    • Available in most coffee shops, restaurants, airports and even on mass transit
    • Inherently more dangerous as you are trusting a service you have no control over that was most likely set up by someone with just enough skill to turn it on
    • Always the risk of someone using a wi-fi “pineapple” to preform MITM attacks and gather data from anyone connected to the wi-fi.  
    • If you must use it (no cell service available)
      • Verify the establishment actually offers free WIFI (Could be a scammer)
      • Be very careful when selecting the WIFI connection (Slight spelling difference are a common trick)
      • Use a VPN (Virtual Private Network) to encrypt your connection 
      • Minimize connection time 
        • Bring working files with you
        • Only connect long enough to sync your files then turn off WIFI and/or Bluetooth
        • Don’t auto connect – Turn off auto connect to WIFI and Bluetooth on all devices
        • Keep Bluetooth in ‘hidden mode’ so that other devices can’t find it
    • If you connect to your device to a rental car, the phone’s data may be shared with the car
      • Unpair the device and clear any personal data before turning the car in

Mobile Charging Stations

  • USB Charging Stations can be used to install malware and capture your data in transit
    • The danger is similar to ATM and Gas Station Skimmers and is called ‘Juice Jacking’
    • Best alternative is to use a regular power outlet 
    • Alternative is to bring a USB charging brick(battery) and charge that on the USB Charging Station


  • Travel Policy – If you have traveling workers, you need a policy that clearly defines your companies’ expectations and rules for using mobile devices and computers while abroad
    • Should be inclusive of any device used to connect to corporate data (personal devices included)
      • Laptop
      • Tablet
      • Cell phone
      • Smart watch
    • Bottom Line – If you don’t want your personal device limited by your corporate policies, do not use it for corporate business
      • If your device is used at any time to connect to company data, it should always be subject to the company policies (share drive, files, email, Teams/meeting/collaboration software)
    • Our accounting firm has a policy requiring accountants to use a hotspot and to never use public or client WIFI

Resources We Use

Contact Us

For decades, we have been helping clients dealing with legal issues of all sorts. Our firm is committed to simplifying the legal process and achieving effective results for each client.

"*" indicates required fields

This field is for validation purposes and should be left unchanged.