Editor's note: This is the second installment of a two-part series on keeping your information safe while traveling. Click
Step Six: Up to DateAlways keep your operating system current with new patches released by the vendor. This goes for your operating system, as well as software updates to your applications and hardware drivers. If you have a company-supplied laptop, your company's network probably downloads those updates to your machine automatically. If not, you'll need to do it yourself. Most software or operating system vendors provide the ability to update your unit from the Web, either automatically or by downloading a critical patch file. Either way, be sure you're all up-to-date before you head out the door. To view Russell Vines' video take of today's segment,
Step Seven: Don't Be My GuestA guest account is a very easy way to access your data, so if your computer uses one, be sure to disable it. Some older versions of Windows create a guest account with access to your files automatically when you install the software. That has changed a bit now, so that the guest is disabled from the default installation. You can locate the account yourself: Find this under "administrative tools" --"computer management" or "users and groups" on most machines. You can tell it's disabled when the small user icon has a red X on it.
Step Eight: Infrared BlockingThis may seem an odd tip, but it's useful: When traveling, it's a good idea to cover or disable the infrared (IR) port on your laptop. It's handy when syncing your Palm, but it's possible to use the IR port to browse someone else's files from across a room without them knowing it. I've seen intruders access data from a laptop through the IR port at conferences, and it's totally undetectable. So disable the IR access in "computer properties" when not using it to synchronize to another device. And as long as you're blocking infrared access to your laptop, disable Bluetooth discovery mode on your Bluetooth-enabled device. Bluetooth PDAs are vulnerable to bluejacking, which exploits Bluetooth's discovery mode to drop spam -- like text, images or sounds -- unnoticed, onto the unit. It's irritating, but usually harmless. A more serious Bluetooth attack is called bluesnarfing. Bluesnarfing is like bluejacking, but instead of depositing spam on your unsuspecting Bluetooth unit, it steals your data, like contact addresses and phone numbers, and sometimes deposits viruses as well. A Bluetooth device should be configured for "nondiscovery mode." Even though it limits some of its functionality, it prevents this type of intrusion.
Step Nine: Secure ServerIf it's absolutely necessary to send information that includes account or password information over the Internet through a public wireless hotspot, be sure to connect to a secure server. You'll know you're using a secure server for your transaction by the locked padlock icon on your browser (often in the lower-right-hand corner). This shows that you're using an SSL (secure-sockets layer)-encrypted session. You can also check that the Web site you're accessing is using a secure server by looking at the URL; a secure server has "https://" in its address, rather than the usual "http://."
Step 10: Data CareLosing your laptop can really put you in hot water. Almost every day the news is full of data losses leading to identity theft, mostly due to the sloppy handling of a laptop. Your company could lose a lot of market value, and you could be in big trouble. So this tip is really in two parts:
- Don't put more data than you need on your machine for the job you're going to do. Some minor hardware losses have grown into big data disasters due to the loss of a laptop containing all the company's records and client data. You probably don't need to carry around all your company's data when you travel.
- Encrypt your data, so if your laptop is lost, hackers can't use it and you're just out the cost of the hardware. Otherwise, anyone who steals and uses your laptop can read everything on it, because it just takes a few minutes to crack your login and password. The Feds are now requiring that all mobile devices employ encryption, and Visa and MasterCard, through their PCI initiative, are insisting on data encryption too. There are several companies that sell mobile device encryption software; one good one is