Repeat the following mantra with me:
You are in a hostile environment, Road Warrior.
If you’re not within the confines of your office environment, always assume the worst of any wireless connection that you freely gain access to. Make this assumption regardless of whether you’re at Starbucks, a comfy hotel or sitting on your buddy’s couch. (Are you using the same neighbor’s insecure connection as your buddy?)
So when is your computer insecure while traveling? Once your wireless modem is enabled, your computer and its data are vulnerable in two primary ways:
Aggressively: Someone may attempt to access the data on your computer by gaining direct access to it.
Passively: Someone may attempt to capture data you send and receive while communicating over the network.
There are several easy ways to lessen the likelihood of being compromised:
1. Don’t connect to insecure wireless networks. Here’s a scenario: You feel pretty savvy carrying your own wireless router around with you while you travel. Those things work straight out of the box--plug them in and you’re all set. Problem is, they're extremely insecure if you just use the factory settings. The manufacturer makes it super-easy for you to use, but guess what? That means they’re super-easy for everyone to use. So update the default setting on those devices. Change the password and the router name to begin with. You might even considering using a different subnet than the typical 192.168.1.0. Try out something wild like 10.0.3.0 as your subnet. (Warning: you’re going to need to read the short 20-page manual to pull that off.)
Even if you don't carry your own wireless router around with you, there’s still a good way to provide people with access to your computer. Simply connect to their wireless router, which they’ll happily provide you with an IP via DHCP and possibly set to work figuring out what type of system and which open ports are located on your end. You can easily avoid this by making sure that you connect to the hotel’s or coffee shop's official open network. Under no circumstance should you ever, ever connect to an ad hoc network. [My definition of ad hoc: here today, gone tomorrow (i.e. your data)].
2. Don't allow someone to passively collect your data. Here’s a likely situation: You’ve decided to connect either to a network that sounds promising, like “Free WiFi,” or you decided to throw all caution to the wind and connect to the ad hoc network that the gruff gentleman drinking the quad latte sitting beside you was so nice to provide.
Without getting into the specific names of software, it's extremely easy to download free software that not only captures all the text that you send over email, but can also capture every single picture you’ve just seen while surfing Perez Hilton, I mean The New York Times. It’s great software. I’ve used it myself and found out just how easy it is to capture data.
3. Use a VPN and encrypt the data on your computer. On a scale of 1 to 10 I’d say that avoiding the insecure networks would put you at an 8 for wireless security. The VPN will put you at about a 9. The encryption will get you a bit above that.
With that in mind, let me be the first to say that security risks on most personal computers are much overstated. Sure, you’re at risk and need to take necessary steps to block the most obvious attempts to access your data. But don't be concerned that malicious computer users have lined up in droves to get you while you sit comfortably on your hotel bed watching "America’s Next Top Model." Most attempts to directly breach the security directly on your computer while you travel are random events that typically use brute force methods. And the methods used to intercept that critical data, like the boss' cell phone number in your email inbox, can easily be avoided by following the guidelines above.
