As many offices ease into in-person work – whether full-time or hybrid – more employees are returning to public transit for their daily commute. Without the stressors of traffic congestion and rising fuel costs, the commute is a great time to listen to a podcast, read a book, catch up on emails or get some shuteye.

While it may be tempting to log an extra hour or two on the train or bus, it does open up employees and information to an increased risk of a data leak. Using a public network is a gateway for cyber attackers to steal private data. There are also profound implications related to bringing confidential paper records into public spaces, where they can be stolen, lost or improperly disposed of.

Remote workers returning to the daily commute must remain vigilant. Read through this list of data protection tips to help keep sensitive info safe while on the go.

How To Protect Sensitive Information on Your Commute

1. Never leave belongings unattended

Unattended personal devices, documents and other sensitive information are easy for thieves to get their hands on when left alone. Always keep personal belongings close by and within sight during your travels and ensure that all bags are properly zipped or fastened to avoid a data breach resulting from theft.

2. Stay alert and awake

Sleepy commuters are easy targets for criminals, so never fall asleep on public transportation. Instead, stay alert and be aware of your surroundings to be less susceptible to crime.

3. Be aware of shoulder surfing

Commuting on crowded buses or trains is ideal for criminals to steal information. When viewing sensitive data – whether physical or digital information – remain vigilant of your surroundings. If viewing private information is unavoidable, protect data from shoulder surfers by using your hand, body or a book as a shield or install a privacy screen on physical devices to keep data safe from wandering eyes.

4. Keep conversations private

Eavesdropping is another situation that can lead to a serious security breach. Never discuss personal details or company data on the phone or with a fellow commuter in a public space. You never know who is listening and what their intentions are.

5. Use a virtual private network (VPN)

Access to free public wi-fi networks in public transportation systems and stations is becoming more common. Unfortunately, these networks do not encrypt data, making it easier for hackers to access, view and steal confidential information. While using a free wi-fi network is appealing and convenient, it creates numerous data protection risks. Instead, skip over the free network name and use a personal hotspot or a VPN, which hides the IP address and protects data from cyber attacks on public wi-fi.

6. Leave nothing behind

Leaving sensitive data on public transit or disposing it in a public space exposes information to malicious attacks. Always keep confidential documents – especially those of a legal, financial or health nature – close at hand and never throw these documents out while commuting. Instead, bring these records to the office where a professional shredding service can properly destroy them.

7. Use strong passwords

One of the biggest risks to information security is weak passwords. Avoid using easily identifiable words, sentences or sequences of numbers, such as the names of pets and children, birth dates, addresses or similar data that thieves can find on a social media profile or a Google search. Instead, use a complex string of characters that incorporate numerals, letters and symbols and never use the same credentials for multiple devices or accounts. To help you remember all your passwords, install a password manager on your devices and never write down passwords or store them in files.

8. Enable two-factor authentication

Two-factor authentication is a security process that requires more than one method of authentication to verify a user’s identity when logging into a system or service. When paired with robust passwords, multi-factor authentication provides an additional layer of security, making it difficult for cyber attackers to gain access to data stored on the same network. With this information, criminals can access your company’s systems, bank accounts, medical records and more.

9. Activate mobile device tracking

If your smartphone, laptop or other electronic equipment offers device tracking, remote locking and remote data erasure capabilities, be sure that these features are active and turned on. In the case of theft, your IT team can track the device location and lock or erase it while authorities safely retrieve it.

10. Keep device software up-to-date to avoid data breaches

Maintaining software updates ensures that devices have the latest security measures installed. It is recommended that automatic software updates are activated to provide the latest operating system and security performance. All company-issued devices should also install up-to-date malware protection and antivirus software when using a public network.

11. Use public computers with caution

If you need to use a public computer on your way to work, be thoughtful about what information you share on the public device. Any time you use a new device to log in to a personal or company account, the risk of falling victim to data theft increases. Public computers could have malware installed, making it unsafe to share, download or upload any information.

12. Be careful when using USB sticks

Never use a USB device unless your company has approved it. USB sticks may contain malware that can compromise data and lead to a serious breach. Additionally, never allow someone to plug their USB device into your computer, as their actions may be malicious.

13. Disable Bluetooth connectivity

Bluetooth and wi-fi sharing are common targets of hackers and identity thieves. When commuting, always turn off Bluetooth and wi-fi sharing when you are not using your devices to protect against being discoverable on public networks.

14. Share smartly

Avoid posting your location on social media when commuting to the office, a convention, or a business meeting. Crooked individuals can use this intel to give competitors hints into your business dealings or launch a phishing scam directed at you.

15. Stay educated

Phishing attempts are considered one of our most pressing cybersecurity threats. Phishing emails and attacks are getting more sophisticated each day and lead to severe losses for businesses, employees and customers when stolen information is used for malicious purposes. Therefore, all internet users must stay up-to-date and follow company cybersecurity policy to avoid attacks while commuting, working remotely or in the office.

Trust Blue-Pencil for Your Data Protection Needs

Blue-Pencil’s information management services are designed to meet a wide range of needs for businesses in all industries and sizes. We offer shredding, secure storage of physical records and document scanning services that will help your organization take control of physical and digital security at home and in the office – and everywhere else in between.

To learn about Blue-Pencil’s information management services, please get in contact with our customer service team to discuss your needs and request a free quote.