Travel tips: Keeping your gear secure on the road
When you hit the road, it’s easy to get paranoid—especially if you’re carrying thousands of dollars’ worth of technology with you. You can alleviate some of your worries by taking security measures to protect yourself against someone running off with your smartphone, tablet, or laptop.
Use common senseIf you’re not used to toting a machine outside your usual rounds, don’t forget these precautions.
Don’t leave devices lying around: Don’t leave a computer or other device on a table or counter at a coffee shop or other establishment and walk away or turn your back. Hardware is too easily snatched and too portable.
Don’t leave bags untended: Don’t walk away from a bag that holds your phone, tablet, or laptop. It’s simple for a thief to poke around without attracting notice, especially during the holidays when shops are busy.
Don’t use devices in unsafe locations: Don’t pull out an expensive device in an area where it can easily be snatched. This might be a phone on a dark street or even in densely packed Times Square.
Don’t bother with laptop locks: At one point, we used to recommend using a locking cable for a laptop. But Apple and other manufacturers have slimmed designs and eliminated security slots.
Password protect your devices
What if a thief does get your device—is the trouble just beginning? It might be, if you haven’t bothered with basic methods for protecting your data.
Passcode lock your phone and tablet: Just because someone gets your phone or tablet, doesn’t necessarily mean he also gets unrestricted access to all your email messages, all your contacts, and—just for good measure—your Amazon.com account. Even if you don’t normally use a passcode or a screen or sleep lock, enable it before you travel. On Android 3 and later, Windows Phone 8, and iOS 4 and later, locking a phone or tablet prevents both access to the device and protects the data storage on it through encryption.
Password protect your laptop: Do you really want to join the ranks of people who’ve compromised work data by leaving a laptop unattended and unprotected?
If you’re using a MacBook, launch the Keychain Access utility (in your /Applications/Utilities folder), and then select Keychain Access > Preferences. Select the Show keychain status in menu bar option. Now, whenever you step away from your computer, you can choose the lock icon in the menu bar and pick Lock Screen. Make this process automatic by going to System Preferences and opening the Security & Privacy pane. Click the General tab and select the Require password option immediately after sleep or screen saver begins. You can adjust the time period using the drop-down menu here.
You can lock a Windows 7 and 8 laptop by pressing Windows-L. Automatic locking can be set via selecting Start > Control Panel (Windows 7) or right-clicking the screen’s bottom-left corner and picking Control Panel. Select Personalization and click Screen Saver. The Wait box allows you to choose how long to wait before a password is required to gain access. You can also automatically lock on sleep through the Power Options control panel.
Encrypt for maximum protection
If you want to make sure that your computer’s data isn’t accessible to a more-than-casual snooper or to a thief who has all the time in the world, your best bet is full-disk encryption (FDE). FDE creates a strong encryption key, which it uses to encipher your entire hard drive. The key is held in memory while you’re in an active running session, and tossed whenever you shut down.
An FDE-protected system can only be backed up while it’s active. But this prevents anyone (including governments and you) from recovering your data without a login account and password or an appropriate passcode.
Try full-disk encryption for Mac OS X: Since Lion, Apple has provided built-in full-disk encryption through FileVault 2. You can’t recover a FileVault-protected disk’s data without an account and password. (See “Complete guide to FileVault 2 in Lion,” still applicable in Mountain Lion.) If you don’t like the configuration and options available from Apple, there’s also Sophos SafeGuard ().
Try full-disk encryption for Windows: BitLocker is a built-in FDE for Windows Vista (Business), 7 (Enterprise and Ultimate), and 8 (Pro). Third-party FDE software comes from Check Point, McAfee, Sophos, Symantec, Win Magic, DiskCryptor.net, and others. TrueCrypt, a free open-source product, also offers FDE under Windows (but not Mac OS X).
Encrypt other drives and files: You can also encrypt external drives, virtual drives (disk images), and individual files using TrueCrypt (Mac and Windows), Mac OS X’s built-in Disk Utility (Mac), and other free and paid tools. Apple added external disk encryption in the Finder in Mountain Lion, too. See “Encrypt any disk in Mountain Lion.”
Rely on built-in mobile encryption: Nearly all iOS devices have hardware encryption built in. When the passcode is active, data is unrecoverable unless a device is jailbroken or otherwise compromised. This protection is automatic, and is only absent from the original iPhone, iPhone 3G, and first two iPod touch generations. Hardware encryption also allows a quick “remote wipe."
Since version 3, Android lets you enable encryption in software or hardware (Settings > Security > Encryption). As in iOS, when the device is locked only a hardcore hacker could potentially gain access to the data. (Encryption requires the use of a code, not Android’s pattern-screen lock.)
A version of Bitlocker protects Windows Phone 8 devices, just as with a Windows laptop, and Microsoft requires hardware-accelerated encryption. A passcode protects access.
Find a lost or stolen device
Even if your device is stolen or you simply mislay it in your travels, it’s possible to aid yourself and the police in recovering it if you’ve planned ahead. Theft-recovery software for mobile and desktop operating systems can track a device so long as it’s on a network. You might recall the recent story about ABC News purposely leaving an iPad at an airport security checkpoint, then using software to locate it at the house of a TSA employee? That’s not so unusual.
With a location in hand, police are often more willing to visit a home or business, as they frequently find where one device is located, other stolen gear is found. But many thieves are now too clever for such software, and prevent devices from joining a Wi-Fi network or even wrap hardware in aluminum foil to keep it off a cellular network.
Use built-in Apple options: Mac and iOS users can use Apple’s built-in solution called Find My Mac and Find My iPhone (which works for all iOS devices). This is activated in Lion and Mountain via the iCloud preference pane, and requires Wi-Fi to be enabled to provide tracking information. In iOS, the Settings > iCloud view has a Find My iPhone switch. You can find the current location of devices (Macs and iOS gear) associated with an Apple ID by logging in to iCloud.com with that ID or using the Find My iPhone app (which includes Macs in what it finds).
Find My iPhone/Mac can both lock a device remotely or wipe it clean. Apple goes so far as to allow a Good Samaritan to dial a number you've sent through Find My iPhone even when all other calls on the iPhone are disabled.
Use third-party software: Several third-party packages, some available for Mac, Windows, and mobile OS, keep a constant low-level account of where a device is located. Others wait for a remote network trigger, checking in at regular intervals, that a device is stolen before they activate tracking. Some of them let you file a police report, see what a thief is typing, or even use your camera to snap a photo or video of the thief. Options include GadgetTrak, Absolute Software's Lojack for Laptops, and Orbicule's Undercover.
In all cases, the software has to be installed before a device is stolen, and typically registered and activated. You also want to run a test to make sure it can be located while still in your clutches. While nearly all smartphones and some tablets have GPS radios, computers and mobile devices without GPS can infer a position from nearby Wi-Fi networks using databases gathered or licensed by various parties, including Apple and Skyhook Wireless.
Google relies on Google Sync and its business-oriented Google Apps to let a system admin either erase an Android device or give a user the ability to erase remotely.
Always be prepared
It’s always hard to deal with the loss of an electronic device that has your personal and business data. By taking measures to secure your systems before you hit the road, you can defeat thieves before they get started, while helping Good Samaritans bring your precious hardware back to you.