Ten Steps Towards Wireless SecurityBy David Strom | Posted 2008-02-05 Email Print
Modernizing Authentication — What It Takes to Transform Secure Access
As we awake from winter doldrums and begin to do more traveling, it is
time to think more carefully about what happens when you are on the
road. Here are my top ten tips and tricks to make your wireless
connections more secure when you travel.
To keep safe, be sure to:
1. Use the s for sanity, https, that is.
When connecting to Gmail and other Web-based e-mailers, be sure to use secure HTTP protocols. At least this keeps the traffic between you and the wireless hot spot secure – otherwise, just about anyone can see what you are sending and receiving.
2. When in roam, use a VPN
If your company has a Virtual Private Network, use it to make any connection in a public hotspot, even if you're just checking the weather and your flights. Again, this encrypts your traffic to conceal it from your latte-sipping neighbors. And if you don't have one, there are tons of free VPNs if your business still doesn't have one. Here are a few suggestions from Web Worker Daily
3. Turn off your wireless network adapter when you are on the plane.
You can save battery life, and you are better protected, too. While you are at it, turn off the Bluetooth radios on your laptop for an extra energy (and security) boost.
4. Turn off any Windows file shares and iTunes shares when you travel.
To do this, go to your wireless connection's Properties panel and make sure that "Client for Microsoft Networks" and "File and Printer Sharing for Microsoft Networks" are both unchecked. You should also turn off your iTunes sharing arrangements because that is yet another way you leak data. At many hotels, I am able to browse music libraries and shared directories of other guests, which, while amusing for me, is probably not what they intended. This is found in iTunes' Preferences, in the Sharing control panel.
5. Protect your USB thumb drives.
How much of your data would be a problem with a lost USB drive? Many of the U3 drives have some minimal password protection, and there are other models that have small keypads or fingerprint scanners too.
6. Don't blithely accept certificates and SSH public keys.
Before you accept them, make sure you first understand what you are accepting. Don't log on to a public hotspot that presents you with an invalid certificate. And make sure you know when to expect the certificate in the logon process.
7. Lock your laptop.
A friend recently told me about his experience with the theft of several laptops from unlocked offices. Kensington makes an inexpensive cable that secures a laptop to a table or desk. And when you travel, be sure to put your laptop in the hotel safe when you leave your room. us.kensington.com
8. Better yet, encrypt your laptop.
You never know when someone will steal your data or break into your car or hotel room and lift the laptop. (The latter happened to me on a business trip.) For data encryption, I like PGP Disk, but there are others that cost next to nothing and provide plenty of protection.
9. When at home, secure your network.
If you don't mind having all of your neighbors share your wireless connection, then ignore this tip. But for the rest of us, use some kind of encryption on your own wireless hotspot to keep things private. Any encryption is better than nothing, and WPA2 is the best of the bunch, assuming your wireless access point and laptop both support these protocols. You may need to upgrade Windows XP (and you need to be running SP2) for WPA2.
10. Finally, use a personal firewall.
This should be standard operating procedure. The built-in Windows ones (both XP and Vista) are weak. Right now I am sweet on Kaspersky, but there are dozens that do the job. You don't want to catch any infections when on the road. At one computer conference I attended a few years ago, dozens of people were infected with the Blaster worm.