Thursday, June 18, 2015

The 4 P’s for Securing the Road Warrior (Part II)

By Jeff Garell

Whether you're hitting the road for business or personal travel, keeping your company or individual information secure should be at the top of your list. In yesterday’s blog post, we discussed Plan and Prepare. Today, let’s tackle the last two topics: Prevent and Purify.

Prevent 
Now that you're on the road, you need to be a little more aware of your surroundings – whether making sure you collect everything after passing through the X-ray station or sitting in the airport lounge waiting for your flight. Be sure all of your stuff is accounted for and NEVER, NEVER, NEVER put anything of value in your checked luggage.

Clothes and toiletries can be replaced relatively cheaply compared to your tech gear, fancy cameras, and the like. As mentioned in yesterday’s post, the less gear you bring, the less you have to worry about tracking.

Once you've navigated the Transportation Security Administration and airport gauntlet, you've arrived at your destination. And it’s smooth sailing from here, right? Not really. There are still potential threats all around, and your prevention steps go beyond the physical safety of your gear:

1. Check the room safe: Is it big enough to fit all of your electronics if you ever want to leave them behind? If not, what can or should you do? This is a tough one. You can choose to take the risk and leave your gear behind, try to hide it somewhere (between mattress & boxspring? duct-taped to the outside of the building?), or you'll just need to take it with you. Whatever you choose for this trip, you might need to consider paring down your pile before the next one so you can fit your gear in that safe next time.

2. Be aware of housekeeping: I tend to not make much of a mess, even on the longest of trips, so I often leave the “Do Not Disturb” sign on my door for the duration of my stay. If I run into the staff in the hall, I'll explain (and often sign something) that I don't want my room cleaned. If I need something such as fresh towels, I’ll call or go to the front desk and make the request. How does this help? If no one is supposed to ever be in my room but me, then the key card access logs will be easy to narrow down. Additionally, I have walked down the halls during housekeeping time and have often seen many doors left open while the staff members work their way along the corridor. In fact, I've approached my room while it was getting cleaned, walked right in, grabbed a couple of things (my notepad), and walked out without being challenged as to whether this was my room. That’s when I decided this was a better tactic. If you want to get your room cleaned, take everything of value with you.

3. Validate the Wi-Fi: This advice applies to your visits to Starbucks, Panera and anywhere else that doles out free Wi-Fi. Here’s one spot where you'll want to do some practicing before you hit the road so you have the process down. Whenever I sign on to the Wi-Fi, I'll quickly scan the network (using nmap) to see if I can find any other devices on it. A properly configured guest network should block “conversations” between guests on that network. If it doesn't, you should seriously reconsider whether you should use that Internet service. If I can see your device, then I can see your traffic and capture your data.

In addition, at hotel check-in, verify the Wi-Fi network name so you connect to the correct one. I recently stayed at a well-known hotel chain that uses something along the lines of "IBahnxxxx" (with the x’s being a number) as its guest network, but, when looking for it, I saw several variations of “hotelName_Guest” access points. If you connect to the wrong one, you're now connected through a stranger’s “access point,” and someone could decrypt your session in what’s called a Man-in-the-Middle Attack. Had I not checked, I probably would have connected to the more obvious access point names.

4. Turn it off: No, not your glowing personality, but your device. If it’s connected to Wi-Fi and you're not using it, turn it off. Just closing the lid of your laptop isn't really good enough for a motivated enough attacker. If you're connecting to an Ethernet port (wired), then be sure to disconnect the cable. Many IT departments enable something called Wake-on-LAN (WoL) so they can turn your machine on remotely if they need to do maintenance; leave a machine on the wired hotel network, and your laptop could be turned on while you're away. If you've followed the advice about encrypting your drive, then there’s much less to worry about regarding WoL.
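The guest-network check from step 3 can be scripted. The sketch below is an added example, not the author's own procedure: it parses `nmap -sn -oG -` (ping scan, grepable output) and reports any responding host other than your own machine and the gateway. The function names and the 192.0.2.x sample addresses are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original post): does this guest network isolate clients?
# Reads `nmap -sn -oG -` (ping scan, grepable output) and reports every responding
# host that is neither this machine nor the default gateway.

# peers_from_scan SELF_IP GATEWAY_IP   (grepable nmap output on stdin)
peers_from_scan() {
    awk -v self="$1" -v gw="$2" '
        $1 == "Host:" && /Status: Up/ && $2 != self && $2 != gw { print $2 }
    ' | sort -u
}

# isolation_verdict SELF_IP GATEWAY_IP   (grepable nmap output on stdin)
# Prints "isolated" (exit 0) or "exposed:<peer count>" (exit 1).
isolation_verdict() {
    iv_peers=$(peers_from_scan "$1" "$2")
    if [ -z "$iv_peers" ]; then
        echo "isolated"
        return 0
    fi
    echo "exposed:$(printf '%s\n' "$iv_peers" | wc -l | tr -d ' ')"
    return 1
}

# Constructed sample output (documentation address range), for offline use.
sample_scan() {
    cat <<'EOF'
# Nmap scan initiated as: nmap -sn -n -oG - 192.0.2.0/24
Host: 192.0.2.1 ()	Status: Up
Host: 192.0.2.23 ()	Status: Up
Host: 192.0.2.57 ()	Status: Up
Host: 192.0.2.80 ()	Status: Up
# Nmap done -- 256 IP addresses (4 hosts up) scanned
EOF
}

# Live check of the network you just joined (Linux; needs iproute2 and nmap).
check_current_network() {
    cn_route=$(ip -4 route get 1.1.1.1) || return 2
    cn_gw=$(echo "$cn_route"   | awk '{for (i = 1; i < NF; i++) if ($i == "via") print $(i + 1)}')
    cn_dev=$(echo "$cn_route"  | awk '{for (i = 1; i < NF; i++) if ($i == "dev") print $(i + 1)}')
    cn_self=$(echo "$cn_route" | awk '{for (i = 1; i < NF; i++) if ($i == "src") print $(i + 1)}')
    cn_cidr=$(ip -4 -o addr show dev "$cn_dev" | awk '{print $4; exit}')
    nmap -sn -n -oG - "$cn_cidr" | isolation_verdict "$cn_self" "$cn_gw"
}

if [ "${1:-}" = "--live" ]; then check_current_network; fi
```

Run it with `--live` as root so nmap can use ARP on the local segment. A verdict of `isolated` only means no other guest answered the probes, since hosts can drop them; `exposed` means guest-to-guest traffic is not being blocked.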

All right, your trip is nearly over, and it’s time to check out. You hung on to those room card keys, right? I ask because there are hotel systems that will put some of your personal data – and, in a few cases, your credit card info – in plain text on that card. These systems are getting phased out, but I certainly won't trust that the hotel I'm in has the latest and greatest software or systems – even if it’s new. Every key card comes home with me and gets friendly with the shredder.

Purify 
OK, finding a “P” word for remediate or fix was a little challenging. So by "Purify," I mean when you get back home (or to the office), it’s time for a heavy-duty scan by your anti-virus/anti-malware tools.

If you have an IT department, ask what you should do given available tools. For the most part, you're looking to make sure that you don’t share something picked up while on the road. Some people take this to an extreme by fully restoring their equipment with backups they made before traveling. Unless you're going to a hacker conference, this is probably not necessary, but some will still do it.

This might seem to be a pretty daunting list of things to think about - and these rules apply whether you're on vacation or on a business trip - but given the potential loss you could experience, it’s well worth the effort. I hope you've picked up a few good ideas that will help keep your gear and data safe while on the road.

Happy and safe travels!

Jeff Garell is a co-founder of Convergent Technologies Group.
