It’s July which means the start of summer here in the Pacific Northwest. When the switch is flipped and summer starts here, people pack up and head off to enjoy vacations.
Vacations are a good thing, but when you’re taking your smartphones, tablets, and laptops on travel with you, you’re exposing them to a host of risks they don’t normally face. And if these devices are ones that you use for work as a social media manager, that means that you’re potentially putting your channels at risk too.
So before you hop in your car, get on the plane, or head out on your boat for vacation, here’s a list of ten things you can do to make your vacation safer for you and your social media channels.
- Make a backup: When you’re on vacation the risk of your devices being lost or stolen go up considerably. Whether it’s accidentally sending your phone down to Davey Jones locker while boating, leaving your iPad in the rickshaw, or returning to find your laptop isn’t where you left it in your hotel room, you’ve got a greater chance of not returning with that device while on vacation. So before you leave, make sure that if your device doesn’t come home, your data is still at home by making a backup. And, make sure you test and verify the backup: you don’t want the disaster of a lost device to be compounded by the disaster of a bad backup.
- Enable a PIN or password: Another thing you want to do to address the risks around loss or theft is to lock your device with a PIN or password to make it harder for someone to access the device if they lay their hands on it. Realistically, passwords on smartphone and tablets make using them painful so most people rely on PINs for these instead. They are easier to use which makes them easier to crack. But a PIN is better than nothing at all. Either way, don’t view a PIN or a password as absolute protection (no matter how strong the password): if someone has your device and is truly determined to get the data on it, assume that they will. Security people will tell you that a determined attacker can always succeed ultimately with enough time and resources.
- Install remote recovery and wipe software: Another way to protect your data on your devices is to install remote recovery and wipe software. These packages can help you to locate your device if it has GPS capability or connects over wifi networks. These packages can also give you the ability to try keep your data out of the hands of criminals by completely wiping all data off the device. If you have to resort to this, you will definitely want to have followed tip #1 and have a known, good backup on hand.
- Remove as much data as possible: Even if you have remote recovery and wipe software on your device, it’s not guaranteed to succeed. There may be enough of a lag between when you lose the device and when you wipe it that criminals can get your data. These packages also have to be able to get the commands to the device. If the device is offline in some way, the wipe commands will fail. So, the next thing you should consider is removing any data that you don’t really need on your trip before you leave. If you don’t need the fiscal year salary spreadsheet on your laptop: leave it at home. Criminals can’t steal what’s not there.
- Uninstall social media apps: Related to tip #4, you should consider removing all social media apps that you can. On mobile devices in particular, social media apps store your usernames and passwords for ease of use. This means though that if you lose your device, whoever has that device can access your social media channels as if they were you. Taking these apps off your device before you leave and putting them back on it when you’re home is the best way to make sure that thieves don’t steal your social media channel along with your device.
- Disable Wifi and Bluetooth: I’ve focused on the risks around loss and theft but another set of risks center around hacking. When you’re on vacation you’re spending time in areas that are great hunting grounds for hackers. Airports are crowded with people on the move and so a great place for people to try and get into your devices and get your information. The best way to protect yourself from these risks is to disable all wireless features when you are not actively using them. This means shutting off Wifi and Bluetooth before you leave, only turning them on when you’re going to use them, and then turning them off when done.
- Only connect to known, trusted Wifi networks and Bluetooth devices: When you do use wireless features on your device, make sure that you’re only connecting to networks and devices that you know and trust. It’s surprisingly easy for someone to put up a Wifi network or bogus Bluetooth device and get people to connect to it. And once you connect to and use a wireless resource, ALL of your information can be observed and recorded. So you want to make absolutely sure that you’re connecting to known, trust networks and devices.
- Use a VPN: When you do connect to Wifi networks, you want to use Wifi networks that offer encryption, otherwise anyone can potentially “eavesdrop” on your network traffic. But you don’t always have the luxury of an encrypted Wifi network. And even when you do, you still can’t always be 100% sure that you can trust that Wifi network. One thing you can do to help mitigate these risks is to use a Virtual Private Network (VPN) when you’re connected. A VPN works to encrypt your network traffic, regardless of whether your Wifi connection is encrypted. And because it encrypts all your network traffic, a VPN also helps protect you from people (or agencies) who might eavesdrop on it as it’s on the Internet. Many people’s work provides VPN capabilities: if yours does even though you’re on vacation you should consider using it to protect yourself. If your work doesn’t offer VPN capabilities, there are services that you can use like Cloak. One last thing on VPNs and encryption: some countries have restrictions on the use of VPNs and encryption so make sure you check on that before you leave.
- Don’t use kiosks/shared computers: With the rise of mobile computing people use Internet kiosks and shared computers less frequently than they used to. But they’re still an option and people do use them. And people need to understand how risky this option is. Put simply you have no idea what’s happening with all the information that you’re typing into the system and seeing on the screen. In a worst case scenario, a shared computer can have a keystroke logger and other malware on the system that completely records everything from your session. We hear in the news frequently about intelligence agencies setting up fake Internet cafes to get information. If spy agencies are using this, you can bet that means this is extremely effective and so dangerous. At the end of the day, there’s no way you can really be sure that a shared computer is safe so the best thing to do is just don’t use them.
- Relax and enjoy your vacation: My last tip is actually the single most effective tip I can give you to protect your devices and social media channels: Relax and enjoy your vacation. By this I mean just leave all your devices at home, unplug and have a real vacation. Leaving your devices at home protects you from all the risks I’ve outlined (though there’s obviously a risk of theft while they’re at home and you’re gone). So leaving them behind is the easiest, most effective protection there is. You can work around not having your devices. For instance, you can rent a simple cell phone for emergencies rather than bringing your smartphone. You can bring books or a dedicated electronic reader. You can download music on to an MP3 player. We often get so wrapped up in the latest and greatest technology that we don’t understand what we actually need. Sometimes older technology can fit our needs just fine and when we’re on vacation is a great example of when they can.
Finally, my security colleagues reading this have probably noticed one thing not on the list and are about to take me to task for its absence: encrypting the data on your device. This is another effective way to protect your data if your device is lost or stolen. I’m not making a blanket recommendation though because it’s so effective that it can pose a risk itself: if you don’t know how to use it properly you can find yourself permanently locked out of your data. Both Microsoft Windows and Apple Mac OS X offer the ability to encrypt the data on your hard drive. This is definitely something to consider but also ask yourself if you can use it properly and don’t use it if you can’t.
Have a safe and enjoyable summer!