Versions Compared

Old Version 1

changes.mady.by.user Albert S Wang

Saved on

compared with

New Version 2

changes.mady.by.user Albert S Wang

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Version 2.5
Last Updated May 9th, 2016

The WHY

Over the past decade there have been a number of high-profile news stories about the insecure state of our Internet and mobile device communications. From data breaches at well known retailers, to USB and firmware attacks on computers, to our intelligence agencies requiring providers to use less secure versions of encryption, to Eric Snowden's revelations about the NSA's and the UK's Government Communications Headquarters (GCHQ) bulk data gathering with Stingray and Tempora, to vendors required to use proprietary state-approved standards (like WAPI in China), never before has our private data been more vulnerable or come under such risk of compromise by unknown parties.

With many vendors releasing new technologies before they can be thoroughly tested for security, the onus has fallen on users to be aware of the risks they take using the new technologies and to take the appropriate actions to protect themselves. Fortunately there are steps every user can take to mitigate and minimize the risks.

The WHO

It is up to each traveler to assess the level of risk and take whichever steps make the most sense for their situation. There is not a one-size-fits-all solution to data protection or a security solution that will provide an invincible shield short of not using any computer technology at all.

The WHAT: Recommended Best Practices

Computers

1) We do not recommend anyone take work or personal laptops overseas.  If possible, use of separate travel laptops that only have files and applications you absolutely need.

...

  1. Firewall is turned on
  2. Guest user is turned off
  3. Make sure remote file sharing to your machine is turned off
  4. Do not use the Internet. We cannot guarantee the security of any machine that has entered MECREEK unless the Internet on the computer stays off. Turn the WiFi off, do not plug an Ethernet cable into the laptop.
  5. Do not let anyone plug usb flash drives into your computer. If someone needs to give you a legitimate file, email the file or put it in Drop Box.
  6. Use only non-administrator accounts. If your account currently has administrator level access or privileges, create a new administrator account, log into that account, and remove administrator access from your main account. This way if your account is compromised, the attacker has no rights to start installing things willy-nilly.
  7. If suddenly your computer is asking you for permission to install something that you didn't tell it or expect to install, you should say no. This is a trick used by bad hackers to try to get you to install bad stuff that steals your data.

Mobile Devices

Just how vulnerable mobile devices can be is shown by the following news stories:

...

8) If you suspect your phone has been compromised, please contact your IT support professionals for assistance. If you're using an iPhone and have a recent backup in iTunes, you can perform a "restore" in iTunes which will return iPhone to factory settings, reinstall the current newest version of the iOS and restore the data and from backup. This should remove any unsolicited malicious installations.

 

Consumer Protection

1) When abroad, use cash, pre-paid money cards, or traveler's checks rather than credit cards.

...