There's Gold in Them Thar Devices - Gold Medals are not the only things some hope to win this summer.

Like the Gold Rush of 1848, the Bejing Olympics of 2008 will result in the mining of information and the panning for data. Here are some ideas of what to do to protect your data (whether traveling to Bejing or anywhere for that matter):

  • Encrypt all corporate devices if you must bring them;
  • If you cannot encrypt, remove sensitive data prior to going; establish BIOS level password; never let the device(s) out of your site; keep with you 24x7 (do not leave anything in your hotel room or office);
  • Encrypt flash drives – remove sensitive data; Better yet, don't bring them;
  • Do not bring MP3 players;
  • Digital cameras - remember they come with storage and will be plugged into your laptop/PC; if you must leave it in your hotel, take the storage card with you;
  • Cell phones – keep with you at all times; - remove sensitive data; password lock and encrypt where possible; do not bring your SD chips;
  • Do not speak of sensitive issues in hotel rooms or other public areas;
  • Use encryption (VPN / SSL VPN) in all connections;
  • Do not connect to the Internet in open areas (kiosks, cafes, etc.);
  • Do not use wireless connections unless you absolutely must;
  • Know what processes run on your laptops prior to going (inventory all processes) using tools such as Process Controller (k23 Productions) or use a blacklist/graylist/whitelisting solution;
  • Ensure all AV and Firewalls are updated on your laptops and cell phones (if you have this functionality on your cellphones); Minimize ports in use;
  • Query your IT/Security organizations to establish anomaly based IPS on your laptops;
  • If you can't encrypt your hard drive, establish a BIOS level password and remove sensitive data;
  • Use Group Policy Objects for the event only if need be to prohibit CD/DVD, USB port, firewire, SD slot usage;
  • Remove any admin rights and give the user basic rights only;
  • Remove any password storage software;
  • Run only bare bones minimum configurations;
  • Consider removing wireless access;
  • Don't allow for cellular card usage;
  • If any of your devices are confiscated and then returned to you, do not use them again - trash them;
  • If you have centralized control of your smartphones, cell phones, PDAs, etc., be prepared to have them remotely wiped;
  • Ensure your passwords are all up-to-date and very strong;
  • When using your laptops to communicate to your company, stay away from Windows and open spaces (Clear Shot);
  • Get a 3M screen filter;
  • Make all travelers aware - train;

Or to avoid most of this pain, just don't bring the stuff - drop off the grid for a few days and enjoy the games.

Copyright © 2008 IDG Communications, Inc.

Make your voice heard. Share your experience in CSO's Security Priorities Study.