E-CommerceALERT.com is part of the Bennett Gold LLP web site network.
LINK TO: Bennett Gold LLP, Chartered Professional Accountants, home page.
LINK TO: E-CommerceALERT.com Home Page.
CLICK to GO BACK to Main Page.

Research and retrieval of news articles by:
Bennett Gold LLP, Chartered Professional Accountants


SPECIAL NOTE TO ALL VISITORS:
Effective December 31 2012, articles are no longer being updated on this web site.
The site is now maintained as an historical archive, covering notable e-commerce news articles from the period 1999 to 2012.


THREATS TO TRAVELING DATA

Source: The New York Times

Posted on December 20, 2012

With small and fast laptops, powerful smartphones, tablets and readily available Wi-Fi, working on the road -- on planes, in airports and hotel rooms -- has never been easier. But security experts say these conveniences also make the offices away from home more vulnerable to serious security threats.

"It's a huge, huge issue for companies and employees and growing more each day," said Bruce McIndoe, president of iJET Intelligent Risk Systems, a travel risk management company. "It's a ripe environment for hackers and criminals."

A report released last week by the Symantec Corporation, a security software provider, and the Ponemon Institute, a privacy and information management research firm, found that data breaches showed no sign of leveling off and were increasingly costly.

"As business travelers, we're on the road so much, we psychologically forget that we're in public," said Ben Knieff, head of product marketing for fraud at NICE Actimize, a company that focuses on financial crimes in the financial services industry. Mr. Knieff recalled how he was recently boarding a plane and overheard an executive speaking loudly on a cellphone as he booked a hotel, revealing all of his credit card information, including the security code.

Laptops and mobile devices have numerous vulnerabilities, starting with loss and theft. McAfee, a security technology company, also noted, in a report last month, a 46 percent increase in the amount of malware created for mobile devices from 2009 to 2010. To limit exposure of particularly sensitive information, some companies switch mobile devices when employees travel, Mr. McIndoe said. "Older versions could be more vulnerable," he said, as criminals have had time to learn how to hack them. And criminal access to mobile networks may be easier in certain foreign countries, because of lax security and corruption.

Michael Malin, executive vice president of Mandiant, an information security company, suggested hiding mobile devices when they are unattended. "We've all seen maids leave hotel room doors open with service carts," he said. Someone could easily enter the room and "infect a computer or extract sensitive data," he said.

"We're seeing the use of social networks to gather publicly available information on targets," he added. Posting photographs and travel plans can jeopardize personal safety and sensitive business negotiations, experts said.

Publicly shared computers at hotels and Internet cafes "are probably the riskiest," Mr. Knieff said. "Anyone can walk in and sit down," he said.

Even printing boarding passes can be dangerous. "Don't leave them in public trash cans either. Anytime you leave data about yourself in a public place, it creates opportunities," Mr. Knieff said.

Debit card data skimming has also been rising sharply, particularly in Europe and parts of Asia, Mr. Knieff said. He recommended that travelers report their plans to their banks. When using A.T.M.'s, travelers should look for signs of tampering, and use machines only at banks, preferably in protected areas.

"I travel to Southeast Asia frequently, and you hear about how it is a hotbed for credit card fraud," said Bryndon Bay, president of Mel Bay Publications, a musicpublishing company, in Pacific, Mo., who relies on his iPad and iPhone on the road. Both are locked and protected with secure passwords. "I never go to places where I have to enter frequent-flier numbers, credit card information, or any personal data," he said, "and I always clear off history after I finish because I don't trust who may go on after me."

"I just feel I use common sense and it works for me," Mr. Bay said.

Robert Hamilton, senior product marketing manager for Symantec, recommended avoiding free public Wi-Fi. "Some look like legitimate hot spots, but they are set up by criminals," frequently at airport terminals. If using a wireless connection, he suggested entering it through a smartphone connection, which is much harder to hack. And at hotels, obtain an access key before using the wireless connection, he said, to ensure it is not "sponsored by the person in the room next door."

Betsy Page Sigman, a professor of operations and information management at the McDonough School of Business at Georgetown University, said travelers attending conventions should also be aware of the risks. "You want to be overly cautious, especially if you are around a lot of competitors," she said.

Bob Austin, president of KoreLogic, an information security consultancy, said, "If I had a single piece of advice for a business traveler's peace of mind, it is whole disk encryption," he said. Used with a robust pass phrase, similar to a password, "everything on the hard drive is protected from disclosure." Many organizations also require their employees to use virtual private networks, which lower the risk of interception when accessing public wireless sites. The V.P.N. sends data through an encrypted tunnel.

Tracy Armer, systems manager for the Madison Park Group, a stationery and gift company in Seattle, said sales staff members used both whole disk encryption and V.P.N.'s when traveling, but he discouraged taking laptops unless critical. "You could be on a business trip, innocently looking up a good place to eat on the Internet, but there is a financial folder open on the desktop," he said. "Someone could potentially browse the contents of your laptop."

He suggested reading company material on paper while traveling. Unfortunately, he added, "even with strong precautions, nothing is ever 100 percent secure."




CLICK to GO BACK to Main Page.

E-Commerce Alerts are issued by Bennett Gold LLP, Chartered Professional Accountants as situations develop. Bookmark this site and check back often. Our e-mail address is: info@BennettGold.ca

In accordance with United States Code, Title 17, Section 107 and Article 10 of The Berne Convention on Literary and Artistic Works, the news clippings on this web site are made available without profit for research and educational purposes.


ALERT
ARCHIVES
Final Entries
2012
2011
2010
2009
2008
2007
2006
2005
2004
2003
2002
2001
2000
1999


LINK TO: Bennett Gold, Chartered Professional Accountants: A Licensed Provider of WebTrust Services.

WebTrust Is Your
Best Defense
Against
Privacy Breaches.

Get WebTrust
Working For
Your Site.