Cybersecurity In-Depth: Getting answers to questions about IT security threats and best practices from trusted cybersecurity professionals and industry experts.

What Are the Risks of Employees Going on a 'Hybrid Holiday'?

As more employees plan on taking longer holidays and working remotely from the destination for part of that time, organizations have to consider the risks. Like Wi-Fi networks.

John Ayers, Vice President of Product, Advanced Detection & Response, Optiv

July 15, 2022

2 Min Read
Woman in jeans and a blue hat holding a phone and laptop while sitting on a beach with a suitcase
Source: Anastasia Nelen via Unsplash

Many employees are requesting a "hybrid holiday" — where longer holidays are booked with the intention of spending time working remotely from the travel destination. In a Virgin Media O2 survey from earlier this year, 76% of workers polled said they were considering adding remote-work days around their annual leave to extend their time away.

Question: What are the risks of employees going on a hybrid holiday?

John Ayers, Interim CISO and Vice President of Product, Advanced Detection, & Response at Optiv: Threat actors are like any other criminals — they do reconnaissance, and social media has become the best recon tool in the trade craft. With employees now looking to combine work with holiday plans, this has only increased the security risks for users and their companies.

Let's take an example of going overseas to Rome. It's a nice place to visit, but you also need to work. First, Internet is not a "like for like," meaning the type of access you would have there is not like yours at home. Yes, we all have been led to believe coffee shop and hotel Wi-Fi is OK to use since COVID — but it is not.

Second, not all locations are friendly. Most companies should be deploying, or have already deployed, geo-blocking in order to prevent employees from connecting in countries or locations with high risk or out of the US. Geo-blocking is a great tool to prevent and deny all access from a region. Most CISOs today need to protect access to data, which means denying access from devices based on location. They are trying to prevent MitM (man-in-the-middle attack). Why is that important? MitM employs someone setting up an access point that might not be what you think it is.

Each time you fire up the laptop or mobile device and log into Amazon or your work email, you are practicing what we call "data in motion" using the rogue Wi-Fi connection, which is now collecting all that data.

The risks here are:

  • Location. You now are advertising where you are.

  • Browsing history.

  • Purchasing. Yes, the credit card you used was just compromised. How do you avoid that? Tether your device and get an Internet plan with a secure option. I have used TEP Wireless because it grants me access wherever I go using an always-on VPN. Check with your company about traveling — especially out of the country.

So, the next time you try to take vacation and look to access your company's email and OneDrive, remember this: Using public Wi-Fi is like buying sushi at a gas station — you never know how sick you will get until you consume it.

About the Author(s)

John Ayers

Vice President of Product, Advanced Detection & Response, Optiv

Ayers leads Optiv’s technology and security innovation on threat intelligence, content management, and detection and response. He has more than 20 years of cybersecurity experience and previously served as the chief product officer at Nuspire, vice president of product management at Netsurion, chief information security officer at both NETSource and, and led Level 3 global managed security services and DDoS.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights