If you’re like us, your entire life is on your computer. And if someone wanted to steal your life, or access your bank account, there’s no better roadmap for doing it than the files on your computer.
We carry everything from our resumes to our tax returns on our laptops. It’s hard to understate the damage a knowledgeable criminal could do with that information. And while we’re careful not to store bank account information or passwords anywhere, it is ridiculously easy to hack into many online accounts once you have control of someone’s computer. In a minute, we’ll show you just how easy and how you can protect yourself.
For a long while we harbored a somewhat false sense of security that all of our computer’s sensitive data was safe as long as our laptops stayed at home, secured behind weak door locks and easily breakable windowpane glass. Of course they were never really safe there either, but a man’s home is his castle, even if only an illusionary one.
Hotels offer no such illusion of security. They’re places where plenty of people have daily access to your room and your unguarded luggage. If you travel with your primary computer, as we do, they’ll have access to that as well.
And while we never thought too much about these issues in the past, soon we’ll be traveling full-time while carrying all of our worldly possessions on our backs. The possibility of having our bags lifted off of a train or even off of our persons has gotten us thinking a bit more deeply about the data we carry with us. These are the steps we’re taking to keep it secure.
Step One: Take a Deep Breath
Even though this is an article about keeping your data safe, our first piece of advice is to avoid going overboard with security. You can’t ever protect something against every conceivable attack so it is pointless to try. Your objective shouldn’t be to thwart the NSA or some super cyber villain but the common criminal. Mostly what you need to do is simply make your information harder than average to access. Even a flimsy bag lock will thwart most crimes of opportunity. And that brings us to our first security precaution.
Step Two: Lock Your Bags
When we set off for two months in Central America we invested a total of $10 in a couple of luggage locks and a lightweight bike chain to secure our backpacks whenever we left the hotel. Locking your bags like this won’t stop a determined thief but will prevent someone from casually rifling through your stuff or simply walking off with your bag. You can spend about 10x as much for a more elaborate PacSafe security system, but we choose not to. After all, if a criminal comes equipped to cut our bags or bike chain, he very likely can cut the PacSafe cable too.
Step Three: Password Protect Your Computer and Phone
Once your computer falls into the wrong hands, its first line of defense is the password built into its operating system. It serves a critical function, but will only work if you enable it.
It’s important to know that the operating system password doesn’t protect your files (we’ll talk about doing that in a minute). It does, however, prevent someone from using the computer as you. That’s important because once someone logs-in as you, they may have access to your email accounts, browser history and any number of other useful resources not easily available in other ways.
Step Four: Don’t Use Auto Login for Anything, Even Your E-Mail Account
I’m not a hacker, but even I have a fighting chance of getting access to your online bank accounts once I have your un-password protected laptop. That’s especially true if your browser is set to automatically log-in to your e-mail and other accounts.
Here’s how I’d get access to your bank account:
The first thing I’d do is go into your e-mail account and change your password to lock you out. Then I’d search your e-mails for messages coming from financial institutions to see what accounts are linked to that e-mail address. I’d then go to that financial institution’s website and (assuming your browser didn’t log in to the account automatically) request a password reset. The financial institution will then send a new password to the e-mail address they have on file, which I now control. With that, I’d have full access to your financial account.
Many institutions are trying to thwart such attacks by adopting a “Two Step Authentication” process where they send a special code to your phone that you need to enter before your password is reset. If you have accounts asking you to enable “Two Step Authentication” you should definitely do it. But even with that, I still might be able to work around this protection by having your calls and texts forwarded to a phone I control. If your browser automatically logs in to your wireless account, you’ve made my life really easy.
Of course I wouldn’t even need to bother with any of that if I lifted your phone along with your laptop and you ignored Step Three completely by not password protecting both devices.
Step Four: Encrypt Your Most Sensitive Data
The operating system password doesn’t protect the files on your hard drive. Anyone with the most basic understanding of computers can boot up your laptop with an alternate operating system and have full access to your files. To keep those files from prying eyes you need to specifically encrypt them.
There are probably dozens of ways to encrypt your files but none we’ve found do everything we’d like. We don’t endorse any particular system but here are a few options that get the job done.
One of the highest rated encryption programs among tech geeks is TrueCrypt. It’s completely free, open-source software that allows you to encrypt entire volumes of data. The downside of TrueCrypt is that it is designed for more sophisticated users so its interface isn’t the friendliest. That may be a real consideration when encrypting your data and possibly reason enough to skip TrueCrypt. You don’t want to make any mistakes that permanently lock you out of your own files.
Folder Lock, meanwhile, does basically the same thing TrueCrypt does but with a far more intuitive and polished interface. That ease of use comes at a price, though: $39.95 for the un-restricted version, to be exact.
Both TrueCrypt and Folder Lock also have a nifty little “Stealth Mode” feature that hides the program and its associated files. The idea is that if would-be cyber thieves don’t even know the files exist, they can’t decrypt them.
If you think that feature is a bit of overkill (and it probably is) the free 7-Zip software is a much simpler option. While 7-Zip’s primary function is to compress files, it also allows you to password protect them using strong AES-256 encryption.
Of the three choices mentioned here, 7-Zip is by far the easiest to implement. Its downside is that whenever you want to save changes to a file you have to extract it from the encrypted volume and then re-encrypt. That might be fine for finalized documents that never change, like your 2012 tax return, but it is a bit of a PITA for things like financial records that you constantly update.
TrueCrypt and Folder Lock, meanwhile, allow you to access and update your files as you normally would once you provide the correct password.
Step Six: Encrypt Your Cloud Storage
Online data storage (also known as “The Cloud”) is a great way to back up your documents. It’s particularly helpful for full-time travelers like us who don’t have any other place to store hard copies or back up electronic files remotely. We do plan to carry an external hard drive as a backup for our laptops, but if our bags get lost we’ll lose our backup too.
As useful as online storage may be, we’re still reluctant to upload our most important files into the internet ether. Cloud services like Dropbox have some robust security of their own, but that security is always being tested by hackers looking for a way in. What to do?
If you’re already using TrueCrypt or Folder Lock to protect files on your hard drive, you can also use them to create an encrypted volume within Dropbox. Doing so is simple but requires you to download and install the Dropbox desktop application. With that app you can create a folder on your computer that automatically synchronizes and uploads its contents to a similar folder in the Dropbox cloud. If you encrypt a volume in that folder with TrueCrypt or Folder Lock the same encrypted volume gets uploaded to Dropbox as well.
One potential problem with this approach is that to open your Dropbox files encrypted with TrueCrypt or Folder Lock you need to have a computer with those programs already installed. That doesn’t do you much good if you lose your bag on the road and are trying to download copies of your passports on a generic hotel computer.
What you can do, instead, is use 7-Zip to create an encrypted self-extracting zip file and upload that file to Dropbox. That file will be protected but doesn’t require special software to open. All you need is the original password to get your documents.
Considering the various benefits and drawbacks of the different encryption programs, we’ve decided to use a mix of them. We use TrueCrypt to protect both a volume on our hard drive and a Dropbox backup. In these volumes we keep all our sensitive material. For anything we think we might need in an emergency on the road, we’ve created a self-extracting 7-Zip file and uploaded that to Dropbox as well.
Everywhere Once 
That is smart!
LikeLike
Why thank you.
LikeLike
Great advice for travellers!
LikeLike
Great tips. We’ve learnt a few things while travelling at the hands of opportune thieves – the worst thing has been lost passports as they can hold you up but the pain of lost IT and phones lasts longer.
LikeLike
The idea of losing important stuff – passports, wallets, computers and increasingly phones – is kind of scary. I’m hoping that these countermeasures will at least minimize the harm and make them more manageable inconveniences than absolute disasters. Time will tell.
LikeLike
Happy New Year to you! And a very useful article… honestly, I am completely logged onto practically all my accounts all the time from all my gadgets. Hopefully this year should see me slightly more armed 🙂
LikeLike
Happy New Year to you too. It is convenient to have all your favorite accounts simply log you in whenever you want. Unfortunately, it’s super convenient for thieves too. 😦
LikeLike
Reblogged this on digger666.
LikeLike
This is excellent information, but still sounds easier said than done. I would love to take a class in this stuff. Only one on one instruction would probably get through this non-tech brain of mine.
LikeLike
Of course the low-tech way to protect your sensitive information is to keep it off your computer altogether. Or, as Gunta suggests, get a cheap device for travel and leave your primary system at home.
LikeLike
Great stuff here! I’m putting together a trip to Latvia in a few months, the home of some notorious hackers. I’ve been puzzling over the sort of stuff you covered here. I’m almost thinking of picking up a cheap laptop (essentially disposable) for email access and a place to download pics (then back them up to dropbox or something similar). Hoping that keeps most of the financial and sensitive stuff safe (relatively speaking, of course) as long as I have a strong email password. Perhaps even create a different email account used only for friends and family.
Any thoughts or suggestions on that approach?
LikeLike
I think traveling with a secondary computer or tablet (one that is clear of all sensitive information) is probably the ideal way to go. That way if it gets lost or stolen or damaged it’s no big deal. We, unfortunately, don’t have that option because the road is our home.
LikeLike
Yeah, I get that it wouldn’t work for your situation, but it seemed like the best and easiest solution for me.
LikeLike
We agree. Good luck with it.
LikeLike
Hi Brian,
We had an issue with 2 Step Authentication while travelling in the US. We bought a local pre-paid cell phone (to save roaming costs) but it would not receive texts from our Australian based bank. Ensure you check with the in-country phone provider that the plan you choose can receive international texts. Test it before you get too far from the store. You will also need to have the text number from the bank set to the new phone, including international dial code.
Cheers, Jason
LikeLike
Hi Jason,
Thanks for the tip. We’ll have a similar problem in that we won’t even have a domestic number any more (we don’t really expect to be in the U.S. for any longer than a couple of weeks per year so we won’t be paying for U.S. service). We’ll be using international SIM cards exclusively.
We’re planning to use a Skype number to keep some consistency as we hope from carrier to carrier as we change countries. Hopefully we can get texts through Skype and they’ll be delivered to us wherever we are, but who knows. This, as with everything in our lives, is going to be a bit of a work in progress.
LikeLike
i agreed with ur opinion here
LikeLike
This is something I’m definitely looking to implement this year after having been way too lax for too long. It’s great to have a starting point; thanks!
LikeLike
Useful post
LikeLike
Great topic. Another option is to store the sensitive stuff on a usb thumb drive. Laptop can stay in the room and the thumb drive is hidden on your person. Thumb drives with security an encryption are available, including some environmentally hardened models.
LikeLike
Great point and a workable option for those uncomfortable with storing their documents in “the cloud.”
LikeLike
Plus you may not have internet access when you need those copies of your lost passport. If you choose a waterproof model it would give the option of carrying at all times. A visit to a tailor would provide a secret pocket on the inside of your travel wardrobe, including board shorts for water activities. A zipper and maybe a pouch with lanyard for those who like to cover all bases. Couples could have a thumb drive each, .to mitigate the loss of one.
LikeLike
Yikes, great post! A lot of information to think of especially for our family that is currently in China. Your post made me realize that I have a false sense of security and just because its on my laptop with a log in password doesn’t mean its safe. I’ll be looking into some of your suggestions ASAP. Thanks again!
LikeLike
Glad to be of help.
LikeLike
Reblogged this on Still Times – Our China and Life Adventures and commented:
Think you’re safe? Maybe not, read this great post from EverywhereOnce to see if you have the right security for your important information. Cheers!
LikeLike