A Zero Day Latest NewspentestpentesterpentestingSecurity Blog

Christmas socialising. Goodwill to all, and keep your devices safe

Become a Patron!

It’s that time of year again. Christmas parties, socialising, travelling, and time spent away from home.

Seasonal socialising generally involves eating, drinking, and making merry, and there’s nothing wrong with that. The downside is that a “goodwill to all” attitude and an excess of alcohol causes people to naturally let their defences down.

The problem is that with a lowered sense of risk people’s view of what is “safe” is skewed, and that can make it a field day for crooks. Christmas is a shopping ground for thieves in so many ways.

It can take seconds for your mobile, laptop, tablet etc. to be spirited away, even if it’s sat on the table right in front of you!

Of course we need to be wary of opportunistic theft as well as targeted attacks, but the simple human error of forgetting something or leaving something behind can cause as many problems. This is compounded if, like me, you lug a lot of kit around- things can easily be misplaced and lost.

Supply chain risk, security and validation are important parts of professional relationships, so looking after corporate devices containing corporate data is paramount. Knowing who to report a missing / stolen device to is essential.

You know the risks, now what should you do?

Bearing all that in mind it’s critical that we acknowledge the increased risk that simply having fun can bring, and be extra mindful of the devices that we are in charge of.

I prepare for journeys well in advance. Any device that contains sensitive information stays with me at all times. My mobile phone and laptop are far more critical than the big cases full of demo equipment, so I keep these to hand at all times. On the train and need the bathroom? They’re coming with me, no Ifs or Buts.

Also, I never leave the bag containing my phone / laptop unattended when snacking or having drinks. No matter which of my glamourous shoes I’m wearing that bag’s shoulder strap is either firmly underfoot, around my ankle, or snagged on a chair / table / secured fitting.

My advice

  • NEVER leave your laptop or mobile phone unattended in a public place. EVER
  • Try to pre-book train seats near a luggage rack so you can keep an eye on your bags
  • Make sure you / your people know who to contact in the event of a theft
  • Is your laptop best left in the office on the night of the Christmas party rather than coming home with you?
  • Use appropriate encryption and a strong password to protect your data from opportunistic thieves
  • Try to pack for journeys well in advance. Have one bag that you can easily stow sensitive devices in when you need to nip to the bar / toilet etc.
  • Pop your foot or a table leg through the strap of your carry bag when you’re sat down
  • Don’t trust strangers to watch your stuff. Looking trustworthy is not a thing
  • If a device is not in use, remember to power it off. This means that encryption protection will be fully effective
  • Don’t use untrusted charging ports / devices. If you have to charge, use  a USB condom
  • Enjoy yourself, safely
Christmas socialising. Goodwill to all, and keep your devices safePen Test Partners
Source link




Show More

Leave a Reply

Back to top button
Close