Video Screencast Help
Scheduled Maintenance: Symantec Connect is scheduled to be down Saturday, April 19 from 10am to 2pm Pacific Standard Time (GMT: 5pm to 9pm) for server migration and upgrades.
Please accept our apologies in advance for any inconvenience this might cause.

Best Practices While Traveling

Created: 10 Mar 2009 • Updated: 05 Nov 2012 • 2 comments
John Dasher's picture
0 0 Votes
Login to vote

John Dasher - Director of Product Marketing

dasherhead4

One of the more common queries I hear when talking with both customers and the press involves how I manage my computer/data security while traveling. People seem increasingly nervous about this.

There are a variety of best practices that are specific to your operating system platform (which I’ll cover in a future post), there are a number of import safeguards you can take regardless of your specific computing environment. While I personally find this specific solution a bit of a pain in actual practice, I would be remiss if I didn’t point out that the safest approach you can take is to simply not travel with sensitive data. You can’t lose or have stolen what you haven’t brought with you. And do you really need to carry with you every piece of intellectual property you’ve touched since you’ve been at your company? Probably not.

For the purposes of this article let’s assume you travel with a laptop computer and a USB thumb drive or two. My approach begins with an age-old security strategy that PGP Corporation consistently preaches known as “defense in depth,” which means that a failure in one security mechanism doesn’t result in complete insecurity. I’ll share a simple, practical application of this philosophy in a moment.

Of course, any security solution is only as strong as the weakest link in the chain. With this in mind, I implore you to choose strong passwords. At PGP Corporation, we prefer strong passphrases. I can’t stress this enough. Seldom are systems breached due to failures in the underlying encryption or cryptosystems. Rather, the human element is attacked; people seem inexorably drawn to weak passwords that can but quickly and easily attacked via brute force. Or just as bad, they write their password down and keep it in an insecure place.

With the above in mind, let’s talk tactics. First, it’s crucial that insomuch as is practical, you prevent an attacker from having physical access to your machine.

Second, use of a full disk encryption (FDE) product should be considered a basic first line of defense. Employing FDE means that your hard drive and any USB thumb drives that you carry will be fully encrypted from stem to stern, preventing the machine from booting or thumb drive data from being read if proper authentication credentials (usually a password) are not provided. Encrypting the entire disk is great, because all of your sensitive files protected, and the stuff most people don’t think of – temp and swap files, cache files, web browser cookies, etc., are also secure. FDE does this without the user having to make conscious decisions about what to encrypt.

Third, in addition to FDE, I use an encrypted virtual disk system for all of my important/confidential data. There are both organizational and security benefits to this practice.

Organizationally, I can have different virtual disks for different projects, or perhaps one for my personal data, one for work data, etc. This makes it very easy for me to back up an entire encrypted volume by simply dragging the virtual disk file to an external disk or server. Everything in a given project directory stays together on the backup volume and it remains encrypted.

The security benefit here is that by having one passphrase for my boot disk, and another for my virtual disks, I have additional layers of protection from either a brute force attack or the consequences that arise from being compelled to provide my disk passphrase to an official; my virtual disks remain protected.

By employing these simple steps, you’ve taken giant steps toward protecting yourself and your company from the theft or loss of your data. Feel better?

Comments 2 CommentsJump to latest comment

Vinnie's picture

excellent advice..

Let me share something that has helped me out .. I suggest scanning copies of your important documents such as birth certificates, passports, and the content of your wallet, such as credit cards and licenses on to PDFs.

Take the collection of PDFs and store them on a PGPdisk encrypted to a passphrase or possible a self decrypting archive.. You can take this files and place it on a USB dongle or even upload it to your phone. This give you a way to get hold of those docs while traveling..

Be sure to use a very strong passphrase.

+1
Login to vote
vanhireguide's picture

Now 2011 is finally come and if yoy want to search about transport vehicle for you house shifting than UK Van Hire offer a great discount for movers and packers rent so i hope this suggestion is helpful for you.

 

Clive Wigan

+1
Login to vote