Cyber Security on the Road
Whether you are on the road for a business trip or traveling full time with a location independent career, maintaining good cyber security is paramount. We have already discussed some of the essential services for the road required to keep your business going from anywhere. In this article, we'll look at how to protect your identity and electronic data while traveling, so you — and your business — return home safely every time.
When you travel with your laptop, you are protecting yourself against multiple risks, the primary ones being theft, damage, and loss. Here are a few techniques for how to manage these risks.
Keeping Sensitive Files Secure
If your laptop is stolen, your files could be accessed by a savvy robber. You can manage this risk by encrypting your files and folders. Programs like TrueCrypt (free) for Windows or FileVault (built-in) for Mac can be used to encrypt your hard drive so that if it falls into the wrong hands, nobody can access your sensitive information without your password.
However, even if you encrypt your hard drive, if a customs authority wants access to your laptop, you are legally required to enter in your password to open all your files for inspection. As an additional (or alternate) method of protection, you can create TrueCrypt hidden folders to protect certain pieces sensitive information from an unwanted intrusion.
Backing Up Your Data
Protecting your laptop from damage and loss is mostly a matter of being prudent about how you carry your laptop and where you go. But accidents do happen, so regularly backing up your data is your fallback. The key is to back up your data regularly and religiously. Here are a few ways to do this:
1. Online Backups
There are a number of online backup services, many of which are free to use. Most employ encryption systems to keep your data secure. Some examples of online backup services are Carbonite, Mozy, CrashPlan, and BackBlaze. We'll discuss how to manage some of the risks of storing and transmitting your data online later.
2. External Hard Drives
Backing up data onto an external hard drive or USB drive is a preferred method for many travelers to keep their data safe. I like to use two versions of this strategy: I back up my entire laptop onto an external hard drive (which I am sure to keep in a separate place from my laptop), and I also store and encrypt some particularly important files on a USB drive which I keep in another secret spot.
3. Remote Backups
CrashPlan has a free option that lets you back up your data to other (remote) computers. The data is encrypted while being transmitted, and is easily recoverable should you need to access it.
With increasing numbers of user names with complicated passwords, many of us are challenged to remember them all. Here are some online and offline password storage options:
Online Password Storage
There are many free services that allow you to create a database of user names and passwords (and often attach documents and pictures to them as well) to help you manage your online identities. They feature different levels of encryption, and I know many who swear by these programs.
However, beware that storing and accessing your passwords online is only as secure as the computer you are using, the internet connection, and the cyberspace in between. In addition, having all your user names and passwords in one place makes it a hot commodity for hackers. If they can hack the one password you have to access the program, they can fairly easily steal your identity. Read on for some tips to increase the security of your passwords and decrease hacker-risk.
Offline Password Storage
KeePassX and Password Safe are free programs that allow you to create an encrypted database on your laptop or USB drive. However, if your laptop/USB drive is stolen or damaged, you are once again in a position where you don't have access to the files you need, and/or may be at risk for having your password storage program hacked.
I manage the risk of loss by having multiple copies of my encrypted database: one on my laptop and one on a USB drive, which I keep in a secret spot. This data is also backed up on to my external hard drive, so I have this risk managed as best I can.
In both the above cases of password storage, the weak link is the master password used to access the program. If somebody has this master password, then they have access to all your sensitive information.
The best passwords are randomly generated and are at least eight characters. You can go to GRC's Password Generator and select any eight characters to get started. Now the challenge is to remember this password! If your memory isn't that good, you could write the password down on a piece of paper with no other information on it. Passwords not associated with any user name or program aren't particularly valuable. This method isn't infallible, but it's all about managing risk as best we can.
Accessing Websites Securely
Whether using your laptop or otherwise, securely accessing websites that have sensitive information (such as banking) poses additional risk. When you are traveling, you're at the mercy of the internet connection you are using, which is never as secure as what you have at the office or at home.
To manage this risk, look for sites that have two-factor authentication. Paypal offers this service, for example. $5 will get you a device the size of a credit card that generates a rotating password. You need this randomly generated password in addition to your regular one to access your account.
Many banks (and other secure website service providers) offer this type of service but don't advertise it, so it's worth asking.
Using Internet Cafés
If you aren't traveling with your laptop, you might need to use an internet café or public computer in your hotel. However, savvy hackers have a number of tricks up their sleeve to access your passwords and data, so here are a few precautions:
- If you have any concerns about the computer you are using, don't access websites with sensitive information.
- If you do have to log on to these websites, make sure you log out when you are finished.
- Delete the web history and close the browser before you leave.
- If you are on a VPN or other connection that involves clicking "Yes" from the browser to get online, be aware that the data is passing through another portal that could be insecure.
If you are technically inclined, you can install a portable version of Firefox or Linux (such as Xubuntu, which is free) on a USB drive and load the browser directly from the USB drive to increase your secure browsing.
Although you can't shield yourself completely from all cyber-security risks while you are traveling, you can help to protect your identity and electronic data by backing up and encrypting your data, managing your passwords, looking for two-factor authentication, and being careful about public connections. Happy traveling!