The Last Mobile Data Security Article You’ll Ever Need
|Credit: Stuart Miles via FreeDigitalPhotos.net.|
There is a lot of advice out there for professionals traveling overseas -- or even domestically -- on how to protect their data, particularly mobile data. Here is a rundown of some of the most important advice.
Careful attention to your Wi-Fi usage when on the road will go a long way to keeping data safe. As a matter of practice, turn off Bluetooth and any features on a device that automatically connect to Wi-Fi networks. It’s easy for cyber-criminals to steal information through an automatic connection.
The rule of thumb is to avoid public Wi-Fi networks, especially a network that doesn’t require a password to access -- and certainly never, ever enter any credit card information in a “free” public Wi-Fi network.
“Anything you do on your computer while working through public Wi-Fi is fair game for others to eavesdrop on,” writes Bolt Insurance Agency. Of course the best-case scenario is to avoid using public Wi-Fi altogether, but sometimes there is simply no alternative.
“The two main risks you face when using a hot spot are having someone track your online movements via the network you’re logged on to or trick you into using a fake hot spot, either by offering it up for free or mimicking the name of a legitimate one,” Marian Merritt, Internet safety advocate at Norton by Symantec, told Travel & Leisure.
When working on public, unsecured Wi-Fi, don’t use websites that require your password or other confidential information, advises SmallBiz Technology. “Use a virtual private network (VPN), onion routing, an SSH proxy, or any sort of network tunneling that involves a certain degree of encryption,” to connect to your local network.
While online, stay on encrypted channels by using the website prefix https (rather than http). And this is crucial: Make sure that little “s” stays on the URL on every page. If it mysteriously disappears, manually add it, if you can’t, then log off immediately. HTTPS Everywhere is a useful add-on that helps do this.
Assume any public Wi-Fi network is not secure. If the only information available about a network is “Free WiFi,” don’t use it. If there are any misspelled words in the name, don’t use it. If anything else throws up a red flag, don’t use it. And be sure to set devices to “forget” any networks you use on the road.
Make sure nobody’s looking over your shoulder. You can get screen guards to use on the road that keep shoulder surfers from helping themselves to the information you’re typing. Feel paranoid? Get over it fast -- pretend you’re in a James Bond movie.
If you’re in a hotel, Starbucks, or other public place, ask management to confirm the validity of a hot spot by giving you the name or SSID (Service Set Identifier) of the network. If they get any regular business trade at all they’ll be able to do so. If they can’t, don’t use any hot spots there.
USA Today advises travelers to turn off sharing when in public. Those using Windows Vista, Windows 7, or Windows 8 will be asked for a location type. This should be set to “public,” which will automatically maximize security features when sharing data. Mac users can accomplish the same thing by going to System Preferences, selecting Sharing, and unchecking all the sharing boxes.
While online banking or shopping should be avoided on the road, using a cellular connection to do so provides a much better security than Wi-Fi.
Beyond that, the level of security needed correlates to the importance of the data and the risk level of the destination.
Consider the case of Kenneth G. Lieberthal, a China expert at the Brookings Institution, reported in The New York Times last year:
“He leaves his cellphone and laptop at home and instead brings loaner devices, which he erases before he leaves the United States and wipes clean the minute he returns. In China, he disables Bluetooth and Wi-Fi, never lets his phone out of his sight and, in meetings, not only turns off his phone but also removes the battery, for fear his microphone could be turned on remotely. He connects to the Internet only through an encrypted, password-protected channel, and copies and pastes his password from a USB thumb drive. He never types in a password directly, because, he said, ‘the Chinese are very good at installing key-logging software on your laptop’.”
The Times quoted Joel F. Brenner, formerly the top counterintelligence official in the office of the director of national intelligence, saying “If a company has significant intellectual property that the Chinese and Russians are interested in, and you go over there with mobile devices, your devices will get penetrated.”
Thankfully, most businesses won’t have to worry that much. But why take the chance?