It’s that time of the year again. Trade show season!
Even if you’re counting down the days until you can get out of the office, don’t ignore your need for smart security encryption at tech conferences. As you bump elbows with your fellow geeks and techies, beware of the fact there could be a hidden hacker lurking in the shadows.
You definitely don’t want to be the person whose bank account gets breached because your laptop Wi-Fi isn’t secure (especially surrounded by such security-conscious peers). To avoid the wolves masquerading as your everyday IT pros, you want to build up your conference security survival kit. Stay tuned to learn how to encrypt everything—from laptops to ports, wallets, and more.
1. Just say no to Wi-Fi
Wireless is profoundly hostile. That’s the standard warning given about the open network at Defcon, the world’s largest underground hacking conference. If you decide to log on anyway to file your taxes, a sniffer will intercept your usernames and passwords and publicly project them on the conference’s infamous wall of sheep.
Fortunately, the vast majority of tech conferences are nowhere near as hacker-happy or cutthroat as Defcon. But the message is clear: Don’t be a sheep, and avoid using conference wireless at all costs. If you must use your laptop at the show, rely on a VPN or a portable wireless device.
2. Protect your wallet
Simply walking around with your wallet in your pocket or purse can lead to data theft. Conferences are hotbeds for digital pickpockets, or jerks with an RFID reader who can steal your credit card info from six inches away. If your wallet contains cards without an EMV chip, you’re at risk.
One poll from CreditCards.com found that 70 percent of US credit cardholders now carry an EMV chip card. While it’s impossible to scan an EMV chip with an RFID scanner, anyone with magnetic cards in their wallet should cover them up with RFID card sleeves.
3. Protect your laptop
If you attend a Black Hat hacking conference or another major security event, you may hear how the most paranoid guests build burner laptops. By modifying the operating system of a laptop, adding boot control software, and spending some additional time tinkering with its innards, you can lock it down completely. Fortunately, this is definitely not something most of us need to worry about.
Engineer Neil R. Wyler’s advice is a little less rigorous, beginning with, “Seriously, calm the hell down.” If you’re lucky enough to leave your technology off site, do it. Otherwise, he suggests adopting full-disk security encryption and keeping your laptop powered off when it’s not in use. Finally, make sure you cover all the basics—like putting the computer in airplane mode, so your Bluetooth isn’t on, and applying that patch you’ve ignored for weeks on end.
4. Avoid the thumb drive swag
If a stranger walks up to you with a suspicious gift of a free thumb drive, don’t take it. In fact, don’t take any thumb drives from strangers, even if they work at the booth of a well-known security brand. In a case almost too strange to be true, one tech company accidentally handed out thumb drives infected with an autorun worm at a conference. Oops.
If you need to present or share files, use a secure connection to the cloud to access your file instead of carrying around a thumb drive. Or, use a drive once and then safely discard it. Conferences and portable storage devices are not a good match at all.
5. Don’t charge your phone
If you need to charge your phone at the conference, don’t do it. Juice jacking, or the act of hacking a phone plugged into a public charging port, isn’t a common security threat, but you should still be aware of it.
Juice jacking is relatively rare, despite getting a ton of hype a few years back. While some are skeptical it’s even real, it’s definitely possible. In fact, it’s been demoed in front of audiences. To lower your risks, bring your own charging cord, turn your device off before you plug it in, and consider investing in a “juice jack defender,” or a USB pass-through device that prevents transmission of anything that’s not battery charged.
6. Remember good, old-fashioned theft
While old-fashioned theft of possessions is not nearly as glamorous as juice jacking, it’s a bigger risk to IT pros on the conference circuit. As journalist Jonathan Keane highlights on PCWorld, the fact that stolen laptops are still causing data breaches reminds us that this risk is real. More importantly, it shows that companies are releasing laptops into the wild with no encryption.
The moral of the story? Never leave your backpack or bag unattended. You shouldn’t carry any piece of technology into a conference unless it’s encrypted with a strong password.
7. Go full “Burn Notice”
How would the disgraced spy Michael Weston approach a tech conference? He’d wear some sweet aviator sunglasses and take zero risks. There are individuals who take extra precautions at tech conferences, carrying nothing but cash, a paper schedule, and whatever minimal ID they need to get into the event.
The really paranoid among us should consider a burner phone or laptop for conference use, which you can wipe completely when you return to work. Necessary? Maybe not. But does it sound fun to pretend to be a spy for a few days? Absolutely!
Lock it down and go have fun
Tech conferences are all fun and games until someone projects your bank account credentials on the conference wall. Even if you’re not going anywhere near the most intense hacker conferences, make it your personal mission to avoid being a sheep. With security encryption, common sense, and preparation, you can stay protected.