This weekend is the Memorial Day holiday, and many people are extending their holiday by taking Friday off too. Before you head out, here are some things to keep in mind while hitting the highway or navigating the airports. We made sure to get this one out today just in case you’re easing out the door early!
Plan
Only take what you need with you. If you have external USB drives with backups of data including tax returns or corporate mergers and financials, leave them behind. If you need it for the trip, you can get a fresh drive that doesn’t contain that data or the risk of losing that information to foreign criminals that may be out of jurisdiction. A temporary device, or “loaner”, may reduce risk for laptops and mobile devices. While a “loaner” device not only allows you to work and prevent unauthorized access to data, it can also be wiped clean upon returning to prevent malware from spreading to internal networks. Also, consider remote access: if there are a plethora of online accounts, credentials, and services, any accounts or services that can be temporarily disabled while traveling may reduce risk even further in the case of network based attacks or stolen devices that save credentials.
Protect
Hang on to it or lock it up. Mobile devices and data may be necessary, but there are most likely times when you may not need to have that extra USB drive in your pocket or laptop in a heavy bag. If you do not plan to keep it on you, and can’t keep it directly in sight, lock it up. Use a hotel room safe or guest safe if available. Keep in mind that potential threats are always present:
- A room may not be adequately secured, such as a room containing locks that can be picked or electronically compromised
- A person may be compromised, such as cleaning personnel being bribed by an attacker
- A thief may be waiting nearby, should you happen to slip up briefly (even just once)
Precaution
Think before you connect, load, or save. Connecting to a wireless network that is unsecured- whether or not it is free or requires payment for access- will expose your information and device. Only connect to trusted, encrypted wireless networks. Similarly, wired networks are not immune and should only be connected to when trusted- ideally, only when using a strong VPN. Beware of files you receive, as opening them or storing them on your own device may lead to a compromise. External drives may be compromised, files may be malicious, and network protocols can be vulnerable. Sharing your own files may expose more information than you intend. Some document formats can store tracked changes or hidden metadata. Alleged redacted information may still be present through bugs or human error. Authors, recipients, location data, software versions, file paths, and revisioning information all may be included or easily recovered.
References: http://www.pcworld.com/article/218671/9_ways_to_keep_your_mobile_devices_secure.html https://www.eff.org/wp/defending-privacy-us-border-guide-travelers-carrying-digital-devices