Autumn conference season is fast approaching. Have you ever thought about how best to secure your laptop and smartphone — and with it your data and documents or your (private?) photos and videos — while travelling? See below for some recommendations…
Of course, the best option is just to leave your laptop at home. Take a break from Facebook, WhatsApp, e-mail, etc. for a few days, relax and enjoy your conference. Remember that Internet kiosks or terminals in the hotel lobby are not an option as these computers might already be compromised and able to sniff your password. If you can’t be without your laptop — and there are plenty of reasons why — the second best option is to bring along a “disposable” laptop which does not hold any important data and which you can completely reinstall once you are back. Any work-related data can be kept at CERN and remotely accessed through CERN DFS or CERNBox. This might be particularly useful if you travel frequently and run a higher risk of theft. Using a disposable laptop might not be an option either, but there is a third option: encrypt your laptop so that all data is properly protected. CERN provides centrally managed full disk encryption solutions for Windows laptops (“Bitlocker”) as well as for Macbooks (“Filevault”) and Linux CentOS (“LUKS”). Taking a backup from just before your trip is beneficial too. Just in case…
Similarly for your smartphone, the best option is to leave it at home and get a dumb brick-type mobile phone. That way you will remain available for emergency phone calls but cannot lose any data. And once again, if this doesn’t work for you, leave your phone completely switched off when not in use and make sure that it requires you to type a strong passcode (more than 4 digits!) every time you switch it on! Never connect your phone to a docking station that is not yours. An adversary might just suck up all your data via this means. Better to use your own charger and USB adapter. Alternatively, buy a so-called “Umbrella” stick which allows you to charge your phone from any USB port but physically blocks data exchange.
Finally, if you are on duty travel and carry a CERN device (laptop, iPad, smartphone), do not forget to put the “PROPRIÉTÉ CERN” sticker, which is a means to show that your device is a CERN property enjoying, as such, the inviolability (solely available for CERN devices at the CERN Stores Urgency Window). The latter applies on the territory of the CERN Member and Associate Member States only. This does not imply that the customs or police officials are aware of CERN’s international status. As a precaution, we recommend to completely shutdown your CERN device before passing through customs. If you are requested to switch it on, we recommend that you state calmly that it is protected by the inviolability granted to CERN property and that you disagree with any search. If you are obliged to disclose your password or PIN code, please inform the Computer.Security@cern.ch of this unauthorized access ASAP. Please also note that we need to be informed if your device has been taken away, even for a few minutes, or connected to another device. We will take the necessary measures to prevent any potential remote access and, if necessary, replace your CERN device.
Do you want to learn more about computer security incidents and issues at CERN? Follow our Monthly Report. For further information, questions or help, visit our website or contact us at Computer.Security@cern.ch.