When traveling for business, there are some things about technology we need to talk to you about. It’s because there are big changes in store for you. You’re going places with your phone and laptop now, and that’s going to give hackers plenty of opportunities to get to you: especially when your guard is down.
Obviously we don’t want that, so here are a few best practices to consider, you brilliant business traveler, you.
Steer Clear of In-Flight Wifi
With nearly every airline offering its passengers in-flight Wifi, we can now add 37,000 feet to the list of places technology has found a footing. When you’re trapped in a sardine tube on six-hour transcon to New York, sometimes it makes sense to pull out your laptop and start catching up on emails. Sure, in-flight wifi can be pricey, but in a 24/7 business environment it pays to stay in the loop. But… does it?
A couple of weeks ago we talked about the dangers of Free Airport Wifi, but what very few people consider is that those exact same risks follow you onto the plane. That’s right, you can be hacked at 37,000 feet. Steven Petrow, journalist for USA Today, found this out the hard way on a three hour American Airlines flight to Raleigh. He spent most of his flight following up on work emails courtesy of the Gogo Inflight Internet connection, but as he gathered his things to deplane he heard a voice to his rear asking to speak to him. It was the man who’d been sitting immediately behind them. It turns out that man had not just hacked Petrows account while sitting beside him, he read through all of his emails. In fact, he’d done the same to nearly everyone on the plane.
Inflight wifi feels safe. When you’re on a plane with only a couple hundred other people, you don’t stop to think that one of the other passengers could figuratively peering over your shoulder from the comfort of business class. It just seems so unlikely, so it’s never something that crosses our mind to any serious degree. But the truth is, you don’t actually know. For some people, pentesting various networks might be their job, or something security experts do for fun to challenge themselves. But not everyone is benevolent, and when you’re offering a stranger the proverbial keys to your castle, it’s best not to assume they are.
The solution: don’t use inflight wifi for anything you wouldn’t be okay with having publicly broadcast to the rest of the plane. And if you have to, access inflight wifi through a VPN.
Swap Public for Private With Secure Personal Hotspots
Keeping on the wifi theme, one of the most surefire ways to ensure you are accessing the internet securely while on the go is to travel with a personal hotspot or MiFi device. When properly encrypted, secured with a password, and set up using a unique and uncommon SSID (e.g. not the default, and not “FBI Surveillance Van”), a personal hotspot becomes prohibitively difficult hack — in part because finding it among the sea of SSID’s being broadcast would be a challenge.
One of the benefits of choosing an SSID that is unique to you is that most hackers probably won’t waste their time trying to brute force a given device that they come across — that is, run a code that tries to guess your password in real time. Instead, hackers save time with something called a Rainbow Table, which sadly isn’t where your niece throws her many tea parties. Very simply put, a rainbow table is a monstrously large spreadsheet of precomputed cryptographic hash functions — that is, the cipher-like state in which your password is stored on your device. To create this hash for a wireless network under the most common method of encryption, WPA/WPA2, your SSID is appended to your password in what is called a salted hash, and together the password+SSID is what is encoded. For a hacker to build a rainbow table, they compute all the possible permutations of the million or so most common passwords + the most common SSID’s, which they can then crosscheck against the hash stored on your MiFi or wireless device.
The solution: don’t allow access to your MiFi be something “on the table.” The combination of unique, uncommon SSID and a strong password will make hacking your personal hotspot a near statistical impossibility.
Beware of what you’re plugging into.
There are few things more annoying than having your phone run out of juice when you’re out and about. Enter, the obvious solution: public charging stations. Less obvious, however, is the fact that public charging stations are the perfect setup for hacking unsuspecting people. Bear in mind that we’re only talking about USB-type connections, here. Plugging your phone into an AC outlet with your own adapter carries no risk. It’s when you plug into a USB outlet with your own cable, or with a borrowed cable, that you open yourself up to security. Compromised charging ports not only allow hackers to potentially steal your information, or collect information about your device, but to infect your device as well. This includes any USB jacks you find on planes!
The solution: your safest bet is to use your own adapter and cable and plug directly into the wall. Or, better yet, pick up a portable power bank and feel the freedom of being untethered! Our writer swears by the Anker Powercore — 20000 or 26800 mAh, which have the capacity to deliver upward to nine (9!) complete iPhone charges — and never leaves home without one (or sets foot on a plane without two).
Consider your travel plans.
Another thing that affects how you opt to securely connect to the web is what you’ll be doing. If you’re trekking through the lush jungles of Papua New Guinea in pursuit of the last of the seven summits (on a business trip?!?), you probably won’t be thinking much about how you’ll access your phone. But what about that bleisure cruise — the one paid for by your company that’s actually a round of corporate meetings wrapped up like a gift in a vacation bow? (It’s a thing! A very popular thing!)
You might be anything but shocked to learn that phone service in international waters is spotty. And even if you are able to get a few bars while at sea, the roaming charges are killer. While many cruises do offer customers limited internet access while on the ship, it’s often pricy and closer in speed to dial-up than the broadband you’re accustomed to. This can be a fairly rude wakeup call for employees who planned to spend their post-conference hours streaming the latest episode of the Great British Bake Off while moored off the coast of Anguilla.
And don’t get us started on voice and text prices: they can be even more brutal. Some cell service providers offer cruise ship rates for those who want to place a call at sea, but don’t be surprised if you’re charged $2.99/min. If you’re traveling with your family, that might not be that big of a deal, but if you have reason to call the office to discuss the big on-board meeting you just had with the client you’re courting, that’s an expense that can add up.
On land, it’s a much less damaging to your wallet. Many cell providers offer international inclusive plans, or passes that charge you a set day rate when out of the country. These work by connecting you to local cell networks in the country you’re in, which is ideal if you are going to be in port for a while. Plans like these are far less likely to be as painful as those accidental roaming charges. But just in case, it’s probably smart to turn that phone off at sea. After all, you’re on vacation!
Well, kind of.
Bonus Best Practice: Contact JNT TEK
As Aubrey Hepburn once sang, “there is such a lot of world to see.” See it securely with JNT TEK. Contact us today for help preparing to travel with your technology.