Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
How To Stay Secure At The Hotel On A Business Trip
Newest First  |  Oldest First  |  Threaded View
KPierson
50%
50%
KPierson,
User Rank: Apprentice
5/12/2017 | 6:44:37 AM
Thank you for sharing the blog
Your blog is really very helpful.We use to prefer some of the tips like close the windows, use of trackers for computer and mobile, use hotel room safe for valuable belongings, anti-theft bag. Your blog has some many nice tips for traveler security in hotels. Thank you for sharing.
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
4/29/2016 | 10:52:15 AM
Re: Get loaner devices from IT.
The potential for VM's is paramount here. Assuming your loaner devices are generic you could use them as a portal to log into a more defined resource.
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
4/29/2016 | 10:50:40 AM
Re: Avoid using public-use terminals
Exactly. To add on to this benefit your machine will still have its local security mechanisms iin place most likely to combat unwanted snooping such as a username and password to log in to your laptop and a timeout to ensure that the activity time is utilized by the owner.
Dr.T
100%
0%
Dr.T,
User Rank: Ninja
4/29/2016 | 10:09:13 AM
Secure VPN
VPN works well when it is site-to-site setup. Such as in corporate offices. You can setup VPN server on your corporate server and use a VPN client in your end device, the communication between the end-device and the server would be encrypted so nobody but your corporate can access the data. No privacy but secure. 
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
4/29/2016 | 10:07:52 AM
Re: Get loaner devices from IT.
 

"...  loaner device may be generic. ..."

This is also a good point, for a non-techy person another computer may simply mean he/she would not get his/her job done and additional stress.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
4/29/2016 | 10:06:23 AM
Re: Get loaner devices from IT.
"... I don't see this being a common occurrence ..."

Agree with you. This was the case in the past, there is less likely an option anymore since we do have our own devices anymore in most cases.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
4/29/2016 | 10:04:43 AM
Re: Avoid using public-use terminals
 

" ... Avoid using public-use terminals ..."

This is a really great tip. Your own laptop is always better, let's say if you are using Gmail on your own laptop it is already encrypted from your laptop to Gmail server. Better than using hotel PC.
Dr.T
100%
0%
Dr.T,
User Rank: Ninja
4/29/2016 | 9:52:25 AM
VPN client?
I like the list, quite informative. Just one comment, I love it when I see "use VPN client" option when it comes to secure communication and privacy. Does anybody really think that this is bringing any security or privacy? Every VPN client has a VPN Server which one most likely have no control over so it is not secure or private.
RyanSepe
0%
100%
RyanSepe,
User Rank: Ninja
4/29/2016 | 8:33:19 AM
Get loaner devices from IT.
This is a good idea if your organization has extra devices. I don't see this being a common occurence because in many cases a loner computer isn't completely comprehensive solution for travel. For example, if you have a different role within the organization you may require different access, policies, etc. A loaner device may be generic.
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
4/29/2016 | 8:30:05 AM
Avoid using public-use terminals
This is definitely a good tip. Whenever I visit a hotel I always see someone on the public terminals and knowing the nature of human behavior there are going to be many times that you forget to log out of whatever you were doing...Email, bank, paypal. These sources can provide data that would make it very easier for a snooper to acquire the information they need.


COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/3/2020
Pen Testers Who Got Arrested Doing Their Jobs Tell All
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/5/2020
New 'Nanodegree' Program Provides Hands-On Cybersecurity Training
Nicole Ferraro, Contributing Writer,  8/3/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15820
PUBLISHED: 2020-08-08
In JetBrains YouTrack before 2020.2.6881, the markdown parser could disclose hidden file existence.
CVE-2020-15821
PUBLISHED: 2020-08-08
In JetBrains YouTrack before 2020.2.6881, a user without permission is able to create an article draft.
CVE-2020-15823
PUBLISHED: 2020-08-08
JetBrains YouTrack before 2020.2.8873 is vulnerable to SSRF in the Workflow component.
CVE-2020-15824
PUBLISHED: 2020-08-08
In JetBrains Kotlin before 1.4.0, there is a script-cache privilege escalation vulnerability due to kotlin-main-kts cached scripts in the system temp directory, which is shared by all users by default.
CVE-2020-15825
PUBLISHED: 2020-08-08
In JetBrains TeamCity before 2020.1, users with the Modify Group permission can elevate other users' privileges.