So i am traveling a lot these days, I have an assignment in Stockholm that means i travel by train at least 2 times per week and have done so for a few weeks. But even before that i have been helping out by writing policies and advised about security while traveling. I do travel within Sweden at this time so some parts are only relevant for when you travel abroad and most likely outside EU.
These tips and recommendations are from my experience and is a mix of experience, my opinions and best practices from industry standards, it is a bit more high level to make sure everyone can take in and understand the recommendations.
Laptop and Mobile phones
So what do you need to think about when traveling with your computer, mainly your work computer but it can be of course be done on all your equipment.
Make sure your computer are using some kind of encryption, Windows uses Bitlocker, Macbooks uses Filevault and for Linux you can encrypt with LUKS. This is a easy way and only a extra step with inputting a pin or passphrase but it makes all the difference if someone steals your computer or tries to clone it, cloning of equipment have been reported by Customs and passing borders.
This means that your data is safe and no one can get access to your and the companies data, your computer is gone but the data and sensitive information is safe from unauthorized users.
Bonus points is of course if you have some kind of tracking and possibility to remote wipe your equipment if it have been stolen. Find my mac and similar services for phones. There is MDM tools that can perform this wipes as well if not included with the device.
For the Cloning part i do recommend that when traveling abroad log out and remove all sensitive data from your computer, this is a recommended part of a It-security policy i do add, this includes logging out of websites and applications, a bit of a hassle but it is worth it, because you may need to start and login to your computer and then you do not want to make it easy for them.
You do not want to have your Sensitive and Business Material leaked to other companies or governments, at least the company does not want that.
Working from open WiFi’s
When traveling one thing you always are on the lookout for is free internet and luckily there is a lot of free WiFi and access points available, on the train, Coffeehouses and at hotels.
It is easy and a great service, many businesses gets more customers by offering Free WiFi, people will sit and drink more coffee, pastries and of course hotels, if you live there of course you need to have internet as well.
But be aware of the dangers with an insecure WiFi, there are several scenarios that my affect your security.
1. Open WiFi Networks, there is no login or requirement for inputting passwords. You connect and maybe need to accept some terms and conditions, but maybe not even that. This means your computer and phone will connect to that WiFi without any prompt presented to you!
2. Unsecure Network, basically a flat network where everyone sees everyones computers and devices. This means a malicious actor may be able to scan your devicies for vulnerabilities or even worse sniff your traffic.
3. Fake WiFi/Access points. If you sometime have accessed an open wifi, like SJ or hotel WiFi that does not have any authentication. This means a fake WiFi network that have the same name as the opened one may get your device to connect to it, and that means you will be on a malicious network, an attacker controlled WiFI network, where it can send you to malicious sites and fake logins sites. This is called “Evil Twin” more information in link.
https://www.kaspersky.com/resource-center/preemptive-safety/evil-twin-attacks
This is just a few of the most common scenarios involving Open WiFi, so what can you do to make sure you are safe?
The most common ones are, Mobile broadband, 4G/5G basically use your phone or a mobile broadband router that you are in control of. This way you have access to internet majority of the time, as long as you have cellular coverage at least.
But if you don’t have the data for it or do not want to use a separate device to be more secure there is a recommended way and is 3 letter word.
VPN
Virtual Private Network, it is basically your own private network, it basically encrypts and encapsulates the internet traffic making it almost impossible to sniff the traffic and nothing is being shared to others, it is basically a funnel from your computer to a server on the internet where the traffic is being routed through. A digital hose/Pipe line where no one is able to look into it.
One bonus part is that you can use a VPN to get your “endpoint” from where your traffic comes “out”, to be in a another country. To bypass Geo filters, you may have seen a prompt from websites or media.
“You are not allowed to this content because you are coming from this and that country” Now you can connect to a server in the “correct country”, it can be as simple as you are on vacation and you want to look at “svtplay” which only allows Swedish viewers.
There is a lot great vendors that for a small cost offers stable and secure services.
I recommend NordVPN as it is really fast and secure overall. Disclaimer “Referal link” but you will get 1 or 3 months free as well depending on your plan.
Security awareness
Basically be aware of your surroundings, are you working on a sensitive and maybe even classified documents? Make sure you sit or work at a seat where it is harder to shoulder surf. Meaning someone peeks over your shoulder and reads or record what you are looking at, this means password can be discovered as well.
Do not talk on the phone about business secrets or with your colleagues besides you.
And do not ever leave your computer unlocked or unsupervised not even for a minute! It only takes a few seconds for a attacker to infect or install something on your computer or even worse steal your devices!
As you may have understood i really like talk about security and helping you to be secure as well! I love to help out companies, Startups and just normal people as well every other way i can!
I offer Lectures, Workshops, Trainings and of course just doing the Information Security analysis, Implementation of DORA, NIS2 or just doing CyberSecurity, Vulnerability assessments and even Pentesting.
So just reach out to info@lysellssecurityandtech.com or follow us on social media to be able to enjoy more content and to get help!