Do not Be Lulled Into a False Sense of Security by Hotel Hotspots When Traveling




Summer is upon us here in the Northern Hemisphere. And that means it's the season for weddings and traveling. About 198 million Americans planned summer vacations in 2015, including nearly 26 million trips to Europe. Unfortunately, the European tourism industry will likely take a hit this summer due to the attacks in France and Belgium over the last several months.


Millions of people all over the world will take summer vacations in 2016. The one thing they all have in common is the need for lodging. Summer is the most profitable season for hotels, motels, and B&Bs. And nearly all of them will offer their guests the use of their hotspots, the free WiFi networks modern travelers have come to expect. After all, you don't stop using your computer just because you're on vacation. The problem is, a large percentage of 2016 summer travelers will be lulled into a false sense of security by the hotel hotspots they'll use. This can be a huge mistake.


How Hotel Hotspots Lull You Into a False Sense of Security When Traveling


When traveling, it's easy to be lulled into a false sense of security by hotel hotspots for several reasons.


First, you may just assume a hotel's network is safe, because, after all, you're paying the hotel money to stay there. And that means the hotel will look out for your data security, right? Wrong. Hotel hotspots are open WiFi networks that are no more secure than the one at your local coffee shop. Free hotspots are literally everywhere now, and they're basically all the same. The company that changes my car's oil even has one. A world-class hotel's hotspot is the same as the one down at Jiffy Lube.


Second, you may feel mistakenly secure on hotel hotspots because you “logged in.” Trust me, you did no such thing. What you did was check “I agree” on a terms and conditions of use page the hotel put between you and the Internet via a proxy server. You can't go online until you agree to the terms and conditions, and sometimes provide a piece of personal information like your email or phone number. Even worse, a proxy-based Internet connection like the ones used at many hotels make it easier for the hotel staff to monitor your online behavior.


Third, when you think you've “logged in” by agreeing to the usage terms, you've really just given the hotel permission to collect and sell your personal data. You've effectively signed away your right to privacy. And the worst part is, hotels often sell their guest's information to data brokerage companies for profit.


Here's How You Can Increase Your Security When Traveling


• Use a VPN. – VPN is the easiest way to increase your traveling data security when you're using hotel hotspots. It will shield your online activity from criminals and hotel IT staff. Some hotels block certain websites, and VPN should allow you to access everything you need. It also encrypts your data so that the hotel can't monitor or steal it.


• Use your mobile device as a hotspot. – If you don't have VPN, I'd advise not using hotel hotspots at all when traveling. Most mobile devices can be used as secure hotspots themselves, and allow for the connection of multiple devices like laptops, tablets, and printers. Sure, it'll eat into your mobile data plan, but you can increase your data limit for a month or so to make sure you'll have the bandwidth you need. Just think of it as another travel expense; it's a lot cheaper than getting hacked. I use my mobile as a hotspot AND VPN when I travel these days.


• Change your passwords. – Strong passwords are your first line of defense against computer criminals. Change the passwords for all your important accounts before and after you travel. Use uncrackable passwords that contain a mix of letters, numbers, and punctuation. Use password management software like KeePass to generate and store uncrackable passwords. Or use an online password service like https://strongpasswordgenerator.com.


• Enable two-factor authentication: This is a great thing to get into the habit of using, both when traveling or at home. Two-factor authentication means you have to provide two separate pieces of information to access your online accounts. The first is the traditional username/password combination you're already familiar with. The second is a one-time security code that's sent to your phone via text message. The idea is that even if someone cracks your username and password, they still won't be able to gain access to your account because they don't have your phone and thus can't get the security code. It's very important that you carry your computer and phone in separate bags when traveling.


• Use lock out passwords on all your devices. – Make sure to enable lock out passwords on ALL your devices when traveling. This includes your laptop, phone, pads, and tablets. And yes, all of those passwords should be uncrackable as well. I use strong, short lock out passwords that I can memorize. You can generate some for yourself at https://www.safepasswd.com.


• Put remote wiping software on all your devices. – Remote wiping software is the nuclear option for personal data security. It means you can remotely trigger the erasure of all your data from any device if it gets stolen. Remote wipes perform what's known as a factory reset; your device is reset to the default apps and info it contained when you first bought it off the shelf. Only use remote wiping as a last resort. Anything you put on your device after you purchased it will be erased. This is another reason why it's so important to regularly back up your data. Learn more about remote wiping software at http://tinyurl.com/remote-wiping.


This information is not intended to scare you off traveling, because traveling is awesome. It's only intended to increase your awareness of the data security risks you face when traveling in the digital age. And to prevent you being lulled into a false sense of security by hotel hotspots. They may seem trustworthy, but hotel hotspots are just another form of free public WiFi, and they're completely unsecured. Don't make the mistake of trusting them with your data security.