Travel Light (a.k.a. Don't Bring What You Don't Need)
This applies to both tech and non-tech items. Don't need your checkbook? Don't take it. Not visiting the remote work office? Leave your work ID and/or access badge(s) at home. Passport not required? (This one might be tricky these days...) Don't pack it. Not doing work while on vacation? Leave the work laptop locked up at home or in your office desk. Reducing the items you're carrying not only makes your bags lighter, it's also "one less thing" to worry about losing or having stolen (and it spares you the stress of the phone calls and emails you'd be faced with making in such a circumstance).
Protecting What Comes With
This can be (and is!) a long list of stuff. It'd be a lot for folks to follow every suggestion below, but the more you follow, the better-protected you'll be. And this is not to suggest that the baddies out there will come at you from every possible angle (well, unless you're really that interesting of a person! I, myself, am not...), but evil-doers just need one weak spot to get at ya...
- update the OS, applications, and antivirus definitions on your devices before you go
  - keeping your laptop, phone, tablet, and other devices updated will prevent folks from taking advantage of older bugs/vulnerabilities to gain access to your device
- securely back up your data before you go
  - if a device gets stolen or seized by a government official, you'll still have a copy
- only charge your devices from your own chargers and/or battery packs
  - you'll avoid "juice jacking" this way, but if you absolutely must charge off something you don't own, use protection (or a cable you own that you are certain is a power-only, no-data cable)
- don't connect unknown devices to your devices
  - that USB drive you found on the hotel lobby floor doesn't contain anything worth the risk of infecting your laptop, trust me
- securely delete sensitive data from portable data devices
  - don't leave that copy of your tax return sitting on your USB thumb drive
- disable wireless technology that your devices aren't using (Bluetooth, WiFi, NFC, etc.)
  - the fewer you use, the fewer ways for an attacker to get at you
- don't connect to unknown, unsecured/"open", or poorly secured networks
  - ideally, use networks you know that are secured with WPA2
- connect to a VPN when using public, hotel, and airport networks
  - VPN offerings like TunnelBear are affordable and work on Windows, macOS, iOS, and Android
- avoid logging into personal accounts from devices other than your own
  - keyloggers or credential-stealing software might be present, but even a leftover cookie from forgetting to log out of your Gmail is all someone needs
- use multi-step authentication (good) or multi-factor authentication (better) for your device and online logins
  - there's a slight difference between the two, but doing either one of them is better than using neither of them
- ensure your stored data is encrypted
  - modern operating systems (both computer and phone/tablet) make this super easy to do, and you won't even notice the data is encrypted (but someone stealing your data will notice when they can't decrypt the data to read/use it)
- store items which contain a passive RF component (e.g. U.S. passports, work badges, driver's licenses) or an RF transmitter (e.g. fobs for keyless push-button ignition vehicles) in a protective case/enclosure
  - this prevents attackers from reading your passport info as they brush (or drive!) by you or from stealing your vehicle while you shop
- keep an eye on the accounts that you're using for payment while traveling
  - if using credit or debit cards, beware of account-info-stealing skimmers and shimmers on ATMs, gas pumps, and the like
- be aware of your surroundings when entering credentials or viewing sensitive information
  - is anyone looking over your shoulder, or maybe there's a camera installed somewhere (like in the shimmer article linked above)?
- always log out of online sites/services when you're done using them
  - in the event someone obtains your device, your logging out from these sites prevents them from accessing those accounts
- always lock your device when not in use
  - it might be annoying to unlock that tablet every time you use it, but it will keep a thief from easily getting at your sensitive data
- enable "find my device" capability on your devices
  - this has helped find many stolen/lost devices over the years
- enable "remotely wipe my device" capability on devices which contain sensitive/personal data (or have the credentials stored to access sensitive/personal data)
  - in the event you can't find the device (or it's not practical to try to retrieve it), use this tack to erase your data from the device so you don't have to worry about others getting hold of your data
Protecting Your Person
Decidedly shorter list here (because I'm less knowledgeable in this area), but a few points for your consideration:
- prefer "known secret" (e.g. password, drawing pattern, image sequence) credentials to biometric (e.g. fingerprint, face recognition) or device-based (e.g. USB/Bluetooth/NFC device possession)
  - while it is convenient to unlock your phone with your fingerprint, it is usually more difficult for the U.S. government to legally compel/force you to unlock a device if it is secured by "something you know" (e.g. a password, an unlock pattern, etc.) rather than "something you are" (biometric) or "something you have" (NFC keyfob)
- carefully dispose of items containing sensitive/personal/account information
  - securely shred them or carry them home with you to securely dispose of later
- know your rights
  - check out the American Civil Liberties Union and the Electronic Frontier Foundation
But All This Sounds Like a Hassle!
Yeah, it kind of does. But if you choose a few items here to implement in your life and get used to them, then add a few more, get used to those, etc., hopefully they'll be second nature before you know it (and your data, devices, and life will be more secure!). As the old adage goes: "an ounce of prevention is worth a pound of cure."