It’s hard enough for a small/midsize business (SMB) to stay secure nowadays, and that task can seem even more daunting for the Road Warriors among us, those whose work pushes them out of the office for extended periods and who rely on their mobile devices to stay in touch.
But selecting the right set of technologies can keep your challenges manageable, keep you secure, and even enhance your productivity.
When thinking about IT security, it helps to envision a three-legged stool on which your data sits.
- The first leg is availability, ensuring that you can access your data when you need it
- The second is integrity, ensuring that your data is not changed without your consent
- Last, but not least, is confidentiality, restricting access to your data to authorized users only
A business may be able to function for a short time with two or even one of these legs, but stability comes from implementing solid systems in all three areas: Availability, Integrity and Confidentiality:
Availability. It sounds over-simplistic, but keeping good track of your computer is the first step in ensuring you have the tools you need to do your work. Laptops are stolen from cars and restaurants far more often than you would believe.
Keep your computer under your direct control and resist the temptation to leave it “just for a minute” to get a coffee. Store it out of sight in your car’s trunk. While we’re talking about physical security, a high-quality carrying case helps prevent damage from the small impacts that are a part of a Road Warrior’s day.
It’s also important to leverage cloud storage resources that can sync with your computer to maintain copies both locally and in the cloud (think Google Drive, Dropbox, or Microsoft’s Office 365). It’s even better if that storage solution also provides the ability to edit the documents simply on a mobile device as well as on a computer. With your data both in the cloud and on your computer, you’ll be able to work with or without an Internet connection.
Integrity. If you collaborate with others or even if you yourself edit data from multiple locations, it’s important to know how your data changed and that you can roll back if undesired changes occurred.
Select a cloud platform that maintains a version history of your files and that allows you to roll back to those earlier versions, at least for the past 30 days. Google’s G Suite, Office 365, and Dropbox all support this. Once those 30 days have elapsed, however, deleted files or earlier versions are gone for good.
You can safeguard against this by investing in a cloud-to-cloud backup solution, which will back up your data at service providers for a relatively nominal fee each month.
Confidentiality. When people think about IT security, this is the subject that most frequently comes to mind. Keeping data confidential while on the road can be tough. USB flash drives are everywhere, but they are easily lost and often carry viruses. You can share files far more safely through any of the collaboration resources mentioned above.
You need to select apps and services that commit to keeping your data confidential. Your data should be encrypted both at rest and in transit, and your service provider should promise not to divulge your data without your consent (except when ordered to do so by a court or law enforcement). Before signing on with a provider, read their security and privacy policies and make sure you can live with them.
When working on the road, it’s very tempting to use the free WiFi at the local coffee shop.
Resist that urge. Any time you connect to another organization’s network, you’re increasing your risk of exposure to malware and hackers. It’s far safer to pair your computer to your cell phone and use that phone for Internet access. If you find yourself using a huge amount of your phone’s data plan, you can obtain a mobile hotspot/cellular modem that can provide access to several devices, generally at lower data rates than are available on a cell phone. The monthly cost is small compared to the cost of compromised data.
You also need to change the way you think about passwords.
Every, yes, every password for each of your applications and websites should be different. That means your work email has a different password from your Amazon account, which is different from your banking account, which is different from your frequent flier account. Those passwords should be at least 10 characters long and they should be random.
Password managers make this seemingly impossible requirement simple to implement.
Products like LastPass and Dashlane (two of the top-rated providers) store all your passwords in a secure vault so you never need to remember them. You can access all the passwords in the vault with a single, complex password and two-factor authentication.
It’s simple and safe and critically important. If the credentials for one of your accounts are stolen, your other accounts will be perfectly safe, reducing any potential impact. These products also make it easy to create long, random, unguessable passwords. Hackers can and do guess passwords like Hello1234; they can’t guess Gdity358^1jy9PV.
All of this can seem like a lot to absorb, but you can implement these solutions gradually. When you’re done, you’ll find that you’re not only working more securely, but also more efficiently.
These recommendations may not help you catch your connecting flight, but they will allow you to work in the airport and elsewhere with peace of mind!