Kenneth van Wyk: Enjoy your trip, but protect the data you take with you
International travel can require some pretty strong security measures if your devices contain sensitive information
Computerworld - With all the large-scale surveillance programs on the Internet, is it even possible to travel safely internationally these days? I say it is, but it depends on just how far you want to dial up the paranoia.
Let's consider two broad categories, data at rest and data in transit.
Data at rest
I travel internationally quite a lot, and I have several security guidelines and rules that I follow. One of my top concerns is that, should a device of mine be stolen or seized by customs, all the data on that device, whether it's mine or my customers', will be adequately protected from prying eyes.
Here, in no particular order, are some things to consider:
* Don't bring it if you don't need it. This seems basic enough, but amid all the preparations you need to make for a major trip, it can be overlooked. If there is data on your device that you don't absolutely need with you, then just copy it for storage on a server, archive it, delete it, whatever, but don't bring it along. If you consistently work with highly sensitive data, then it might be a good idea to maintain a separate laptop just for travel that contains only the data essential to the trip you're currently on and gets wiped upon your return so you don't inadvertently take something on your next trip that you don't need.
* Encrypt it if you bring it. If it is sensitive, then encrypt it. Consider full disk encryption with a single strong password, or at least a couple of small USB drives that are fully encrypted. The encryption password you use should be strong, but one you'll remember. Never store that password.
* Memorize all your other important passwords. You increase your data's security when you use more than one password for your device and its data. Use strong passwords, and don't write them down. If a written backup is essential for you, store it back at home or in your office, but never with you.
* Keep it with you. When I travel, my laptop is almost always with me. I don't leave it back at my hotel room because I'm not going out for long. If at all possible, I take it with me. If I can't do that, then I transfer all sensitive data to a USB device and keep that in my pocket.
* Don't trust the hotel safe. Hotel safes sound better than they actually are. It's the human element that's easily compromised, and hotel clerks just aren't as security-conscious as bankers. If you're traveling with something that really matters, keep it with you.
More by Kenneth van Wyk
- Kenneth van Wyk: Where mobile apps go wrong
- Kenneth van Wyk: Apple's big fail
- Kenneth van Wyk: After Snowden
- Kenneth van Wyk: Target breach underscores how backward U.S. payment tech is
- Kenneth van Wyk: Enjoy your trip, but protect the data you take with you
- Kenneth van Wyk: Lingering faults with security by default
- Kenneth van Wyk: High hopes for iPhone's Touch ID
- Kenneth van Wyk: Why mobile apps beat Web apps for privacy
- Bug bounties: Bad dog! Have a treat!
- How to avoid Big Brother's gaze
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts