• News & Resources
• Technical Resources
  • Tax
    • American Rescue Plan Act Conformity Guide (2021)
    • CCH Online Tax Research
    • SALT Resources
    • Tax Podcasts
    • CCH Tax Deadline Calendar
    • Tax Communities
  • Audit
    • Single Audit Resources
  • Beneficial Ownership Information
  • Cannabis
  • QM Standards
• Business Resources
  • Human Resources
    • HR Hotline
    • HR Webinar Archive
    • HR Assessment
    • HR Articles
    • Sample HR Documents
    • Return to Work Resources
  • Disaster and Pandemic Planning
  • Data Privacy and Protection
• Accounting Firm Management
  • Small Firm Special Interest Section
  • Client Letters
  • Engagement Letters
  • Client Record Retention Guidelines
  • MAP Survey
    • Download Results
  • Customized CPE Training
  • Career Center
• Publications
  • Footnote
    • Issue Archive
    • Regular Columns
    • Articles by Topic
    • Write for the MNCPA
  • eNewsletters
    • This Just In
    • Legislative Digest
    • Firm Administrator Bulletin
    • Accounting Educator
    • Student eNews
  • CPA Stories
  • MNCPA Perspectives
    • Topics
    • Authors
    • Archive
  • Tax Podcasts
    • Archive
• Areas of Interest
  • Focus Features
    • Cybersecurity
    • Emerging Technologies
    • Cannabis
    • Automation
• Wellness Resources
  • Step Challenge
    • Step Challenge FAQs
  • Wellness Webinars
• Knowledge Hub
• Webinar Archive
• Rules & CPA Certification
  • CPE Log
  • CPE Rules
  • CPA Certificate Information
    • Applying for Your Certificate
    • First Year Requirements
    • Certificate Renewal
    • 2020 CPE deadline extension
  • Certificate Status
    • Active vs. inactive: What's the Difference?
    • Convert to Active CPA
    • Love Your CPA Letters?
    • Retired CPA Status
    • Videos
  • Firm Requirements
    • Firm Permit Renewal
    • Firm Name Changes
  • MNCPA and BOA Differences
  • Preparing for the CPA Exam
    • Educational Requirements
    • Experience Requirements
    • Applying to Take the Exam
    • Becoming a CPA FAQ
  • FAQ
• Peer Review
  • PRIMA info
  • Review Process
  • Fees
  • Pay Peer Review Invoice
  • Find a Reviewer
  • Become a Peer Reviewer
  • AICPA Resources
  • FAQ
• Press Room
  • MNCPA Overview
    • About the MNCPA
    • Leadership Bios
      • Board Chair
      • President and CEO
    • About Minnesota CPAs
  • MNCPA in the News
  • Connect with a Media Spokesperson
  • MNCPA Logo Usage
• Professional Ethics
  • Ask an Ethics Question
  • Filing an Ethics Complaint
  • Responding to an Ethics Complaint
  • Professional Ethics Resources

Securing your technology while on the go

Wi-Fi, VPNs and outlets, oh my!

Daniel Moshe | June/July 2020 Footnote

Editor's note: Updated May 29, 2020

More and more, especially amid a global pandemic, CPAs are well-versed in working from anywhere. Many of you may still be traveling on some level, and many more will be in the future. But whether working from a coffee shop or in an airport, you must be vigilant to protect your devices and all the information they contain.

Without proper precaution, you’ll be exposed to a unique set of security risks that you otherwise don’t have to worry about while at home or at the office. My company receives many calls from traveling clients with common issues that can be easily avoided by equipping yourself with safeguards.

Follow these five travel tech security guidelines and you will be able to stay one step ahead of danger. Together, we can help put hackers out of business!

Consider all public Wi-Fi networks insecure

Who doesn’t love free Wi-Fi? I know I do. But you must proceed with caution and assume all wireless networks are insecure. Some Wi-Fi networks are lookalike networks that are setup by bad actors with the sole purpose of stealing information, not getting you online. Nowadays, we have a fast, reliable Wi-Fi hotspot traveling along with us in our pockets — your smart phone. Most cellular providers offer some amount of personal hotspot and, unlike in the past where mobile internet speeds were much slower than Wi-Fi, 4G LTE can actually be faster than Wi-Fi in many cases. 

Sometimes, using public or open Wi-Fi will be your only option, especially inflight Wi-Fi or in cases where you have slow or no cellular reception. In these cases, when you join a wireless network, you will often be presented with some sort of screen to login and use the Wi-Fi. Be very cautious when entering login information into these websites. The login information should match the wireless network you are joining. For example, logging into Delta Wi-Fi, you should only have to enter your Delta or Gogo credentials. The same goes for Comcast or Xfinity Wi-Fi. If you join a wireless network that requires you to login to your Office365, Google or Facebook account, it’s likely a spoofed or fake login page setup to steal your login credentials for those web services so they can take over your accounts and monetize them.

When using an open or public wireless network, never ignore the HTTPS or SSL encryption warnings. This is your first and most important clue that something is up. If you see an SSL error message, your web browser is letting you know that you may not be communicating with the website you think you are. If you see SSL error messages, like the one above, disconnect from the network and try another one later or at another location. It’s not worth it.

If you feel you might have logged into a spoofed website that stole your credentials, use a trusted network and — as quickly as possible — change those passwords. If you haven’t done so already, enable two-factor authentication for that account as well. Two-factor authentication is the best way to protect yourself from someone who might have stolen your password. If you used that same username/password combination for other websites, change it there as well.

What about VPNs?

I often get asked about using a VPN while traveling. VPN (virtual private network) software wraps all your communications coming and going from your computer in a private tunnel that no other users of the network can see. Most websites are encrypted with the latest in encryption technology and you will get a warning if you were about to submit information to a website in an unencrypted form.

That said, your internet whereabouts could still be eavesdropped on by other users on the network, and VPN software can address that. If you are a road warrior and want an extra layer of protection for your own piece of mind, a few dollars a month for a VPN app might be a worthwhile investment. In some cases, your IT provider might offer one that connects your computer to the office network and this methodology works just as well. There are several good, affordable VPNs available, including ExpressVPN and NordVPN, among others.

Charge up safely

While traveling, if you’re not looking for fast Wi-Fi, you are most likely looking for an outlet to charge up our power-hungry devices. Standard 120 volt outlets are perfectly fine, but be wary of USB outlets. I’ve found them to be unreliable at best, and there are security concerns. It is possible for someone to gain access to your device and its information when plugged in via USB. I travel with the RavPower60W 6-port USB charging station so I can charge my iPhone, Apple Watch, iPad Pro and iPad Mini with one device (I know, I have an iProblem).

Another option to keep your devices charged on the go is an external battery. I use the Anker PowerCore 10000. It can charge my device several times and is small and very portable. This way, I don’t have to use those USB power outlets at all.

Enable yourself to find your lost or forgotten device

In the business of travel, it can be easy to leave something behind. I once left my iPad Pro in the seatback pocket of an airplane. Fortunately, I had enabled Find My iPhone on all my iDevices and I was able to determine the location of my iPad (Minneapolis-St. Paul International Airport) and put my iPad in lost mode so that it would display a notification on my iPad with my contact information. This made it easy for the lost and found personnel to contact me and we quickly made arrangements for me to pick up my iPad.

Time is of the essence with items like this, so the moment you suspect a device of yours might be lost or missing, login to iCloud (or your device’s comparable feature), track down your device and lock it down. The longer you and your device are apart, the more likely the battery will be dead, and you won’t be able to even see where it was last.

If you haven’t already, setup Find My iPhone for Apple devices or Find My Device for Android and familiarize yourself with its functionality. Don’t wait until you lose your device to set this up; it will be too late and there is nothing that Apple or anyone can do to help you at that point.

Best practices on the go

Other common technology best practices apply, and are even more important while traveling, due to the increased risk of losing your device. They include:

• Double-checking to ensure your backups are working.
• Install all the latest software and security updates for your devices.
• Enable screen-lock passcodes.
• Ensure device storage is encrypted.
• When you get home, change your passwords for any services you accessed while you were away.
• Keep your devices in your possession at all times.

Follow these steps and you’ll avoid that call to your IT department and lengthy paperwork in dealing with a hacked email account, information stolen off a device or finding a lost device. In addition to helping put a hacker out of business, you’ll be able to keep on living life as a responsible member of the business traveler community with peace of mind knowing that your information is safe and secure.

Daniel Moshe is the CEO of Tech Guru, a technology firm specializing in CPA practices. You may reach him at 612-235-4895 or daniel@techguruit.com.