How to travel safely: An in-depth look at data security on the road

Travel security used to mean stashing your cash in a money belt. With the wide acceptance of credit cards, that inconvenience is mostly gone – replaced, due to the rise of cybercrime and identity theft, with the need to secure your data when traveling. Unfortunately, it is a lot trickier than most people realise to protect your personal information when you use your computer on the road.

You can start with the basics. Having a password on your computer account is a good first step, but only offers minimal protection. Ensuring that your password is actually effective if a thief gets your computer is the next step. You have to set your laptop to lock or sleep when you step away or close the lid in order for your password to be of any help at all if your computer is stolen while you are logged in. For Windows you can do this by tweaking the power management settings to require a password on wakeup and also setting a password-protected screensaver for when the machine is idle. These measures are just the start, though.

Physical security and encryption

While setting a strong password and locking your machine will protect your password cache and help stop a casual thief, it doesn’t actually protect your documents.

Think of all the spreadsheets, memos, faxes, and emails you have stashed on your laptop’s hard drive. Not to mention any slip-ups where your credit card numbers or passwords might be listed in one of your files. Even after you’ve made it so a thief can’t log in to your laptop, they can simply attach your disk to another machine to get access to all the information in your files.

The best way to protect against this is to encrypt your files. Many individual applications offer the capability to encrypt individual documents, and archive utilities like WinZip allow you to create bundles of encrypted documents. Either approach will work if you only need to protect a few files, but both require you to remember to set a password each time you create a sensitive document. And there is still the risk of unencrypted working or temporary copies lying around your computer’s disk or memory.

The simplest way to guarantee you don’t forget to protect an important file is to encrypt your entire drive – or at least the partition with your documents on it. The process is simple and inexpensive, with open source alternative TrueCrypt being a great option if you don’t work for a company that uses a commercial product. Be sure to make a backup before you start, but the encryption process itself is normally painless and will even run in the background. And do follow the suggestion of the vendor and create a rescue disk when you’re finished. (You might also want to see our guide to hiding your data).

Even better, with the speed of modern processors, decrypting data on the fly will hardly slow you down at all. In my case, I encrypt the system volumes on my laptop, but leave my media volumes in the clear to avoid any performance hits on them. If someone wants my music collection or recent images badly enough to steal my computer, that’s the least of my worries.

If possible, physically secure your laptop with a locked, cabled bag designed for that purpose. This will greatly reduce your risk of having it stolen.

Going online

Whole disk encryption works to protect your data as long as it stays on your own hard drive, but the minute you go online you’ve opened yourself up to a new series of threats. The first is the possibility of malware invading your system. Running a firewall – like the one built in to Windows or one of the many alternatives out there – is a must. The next step is securing the data you actually send over the net – typically by securing your browser and your email software.

You can try to secure your browser’s data “a la carte,” by using the secure versions of sites, those with HTTPS at the front of the URL rather than merely HTTP. Or you can take the safer route of having all your browser data encrypted using a product that natively supports creating secure sessions, like the IronKey S250 flash drive. Setting up your own personal secure channel can be done, but it is quite a bit of work. If you have the benefit of your company’s Virtual Private Network that may provide you with a ready-made solution – or you can check out our guide to the best free VPN clients if you want to grab one yourself.

Securing your email is important no matter what system you use for logging into the net. Unless you use, say, Gmail with HTTPS, you’ll need to read up on how to secure your email communications, by using only secure connections to your mail server.

Internet cafés: Breeding pits of malware

If you’re relying on Internet cafés or other public computers, instead of bringing your own laptop when you travel, you’ve got to deal with a couple of additional perils. Firstly, your keystrokes can easily be recorded, and your passwords siphoned off – and secondly, you may not be able to trust the browser or email software already installed on the shared machine.

Both of these problems can be solved with a secure USB key. With an IronKey, for example, when you need to enter a password the software pops up an on-screen keyboard where you can click on the virtual key images, invisible to any keylogging programs lurking on the machine. That solves the first problem. Keeping a portable, self-contained copy of Thunderbird for email and Firefox for browsing on your USB drive quickly addresses the other. The only downside to using software hosted on a USB drive is performance. Browsing and email are definitely slower running off a flash drive than from a local hard drive – but that’s the price you pay for security.

Like backups, security is something that seems like too much work until you’ve been burnt. All it takes is one case of identity theft to ruin your holiday or business trip. The good news is that once you’ve spent a little time encrypting your laptop and setting up a way to compute safely while you travel, it is easy to use and maintain it.