We’re getting to the pointy end of the year when holiday plans are being made and last minute work trips are being organised as jobs that need to be finished before year’s end rush on and deals are closed before everyone is away on holidays. That means thinking about how you’re going to secure your devices, network connection and all your other tech. Here are my five tips.
Lifehacker readers should be all over this but, if you’re in your business’ security or IT team, make sure all company devices are running VPN software and ensure your staff understand why it’s important and how to use it.
I think you have to approach all networks as untrusted. That means you must encrypt all communications and connections.
If you can’t use a VPN – I’ve found the odd hotel where the wireless connection won’t work if you’re using a VPN – then get data via a local mobile phone carrier and use that. All the Australian carriers offer roaming data deals that offer modest traffic allowances that should be enough for email and some web browsing without breaking the bank.
Avoid shared computers
Again, this is a trust issue. Internet cafes and shared computers at airports and conference centres, may look convenient but they can be a recipe for disaster.
For example, a recent case study from Org9, a company involved in developing robotics for the automotive industry, revealed that two highly trusted company officials had their credentials stolen. Both officials had been at a conference and used a computer at the conference centre to log into their email using Outlook Web Access. Unbeknownst to the officials, the computer used had been altered by a threat actor to collect their login credentials which were then used for unauthorised access.
Fortunately, Org9’s security team detected the anomalous activity before too much damage was done.
Physical security matters
The one place I feel most vulnerable is when i’m going through the security queue at an airport – particularly in the US where the lines are long and the time between me being scanned and my gear making it through the x-ray scanner can be quite different. As a result, I don’t have physical access to my bag for several minutes sometimes. I watch my bag as closely as possible, always ensuring I can also see a security official in case I need to call them.
Never leave a bag unattended or with someone you don’t know. If you’re on a trip and need to visit the bathroom, it can be tempting to leave it with the person you’ve been chatting to. But the risk is not worth it.
I’d also suggest looking at some sort of proximity alarm so, if your bag is more than a few metres away, you receive an alert.
Never lose sight of your credit card
Credit card skimming is a real risk and, while card companies and banks will generally cover any losses, as long as you’ve not intentionally given card details up, there can be massive inconvenience.
I had a card skimmed on a trip once and it was only detected when the bank told me the card had been used to buy a number of overseas flights. I’m certain that the place it was skimmed was a store where the card left my sight for a minute as the EFT machine was in a backroom.
In some shopping precincts – I’ve seen this in Hong Kong and Singapore – multiple vendors share an EFT terminal. If the merchant offers to take your card to complete the payment, politely say you’ll go with them.
These days, I use Apple Pay wherever possible so the merchant has no choice as they won’t be able to complete the transaction without my fingerprint. Plus, as that and other systems use tokenisation, your card details are never transferred to the merchant’s systems.
Passwords and passcodes on all devices are essential
This is an obvious one but there are still lots of people who don’t use a password or passcode to log into their computer, tablet or smartphone.
It might be a little annoying to enter your password in over and over, but it’s better than losing a device or having it stolen wth all your data available to complete strangers.