Content for You Civil Rights
Block on Trump's Asylum Ban Upheld by Supreme Court
4 Tips for Protecting Your Email in China
Vigilantly staying on top of one's private communications is simply a good practice when traveling within the states. Things get slightly hairier when you travel abroad, because there are compatibility issues to consider too.
But when you travel to places like China, it's not just a matter of due diligence: you're potentially putting your clients and their company information at risk. Remember, Chinese institutions at least condone the offering of hacking courses that have left American companies scrambling -- even the federal government. You may recall that Sun Tzu devoted an entire chapter of the Art of War to spies and information. If the federal employees are vulnerable, this should tell you not to play around. Protect yourself when you travel to the Middle Kingdom.
1. Don't Use Open Wi-Fi: Careful people don't even peruse private accounts on Wi-Fi networks at Starbucks in Dallas, let alone China. If you think your sentence-long password is going to protect your data, you're probably wrong. And if you're not wrong today, you'll be wrong tomorrow.
2. Use "Burner" Accounts": These are exactly what they sound like. Companies often advise (or require) that their employees use burner email addresses and passwords that will be deleted once they return. Nothing else is allowed in the account except for communications between companies and the employees, and extremely sensitive material will be kept to a minimum. Part of the rational behind the burner is that old accounts are a treasure trove of sensitive account information that will help hackers identify targets.
3. Employ PGP -- When Practicable: "Pretty Good Privacy" encryption is a way of hiding one's private communications by employing a stream of public and private encryption keys. The key is encrypted using the public key, but can only be unlocked with the private key -- or about a billion years of continuous brute force. The mathematics behind PGP are beyond this post, but companies and attorneys should really consider this option. Apps for PGP are available in proprietary form.
4. Make Use of VPNs: The advantages with using VPNs are not as strong as they once were, but they're certainly better than going naked. Keys must be updated at an almost ridiculous rate: at least twice a month if not more frequently.
As Krysia Lenzo so aptly points out, one cannot count on autocratic countries to abide by customs of "fair play and substantial justice." But who are we Americans to talk? Remember PRISM, anyone? Because it sure remembers you...
Related Resources:
2. Use "Burner" Accounts": These are exactly what they sound like. Companies often advise (or require) that their employees use burner email addresses and passwords that will be deleted once they return. Nothing else is allowed in the account except for communications between companies and the employees, and extremely sensitive material will be kept to a minimum. Part of the rational behind the burner is that old accounts are a treasure trove of sensitive account information that will help hackers identify targets.
3. Employ PGP -- When Practicable: "Pretty Good Privacy" encryption is a way of hiding one's private communications by employing a stream of public and private encryption keys. The key is encrypted using the public key, but can only be unlocked with the private key -- or about a billion years of continuous brute force. The mathematics behind PGP are beyond this post, but companies and attorneys should really consider this option. Apps for PGP are available in proprietary form.
4. Make Use of VPNs: The advantages with using VPNs are not as strong as they once were, but they're certainly better than going naked. Keys must be updated at an almost ridiculous rate: at least twice a month if not more frequently.
As Krysia Lenzo so aptly points out, one cannot count on autocratic countries to abide by customs of "fair play and substantial justice." But who are we Americans to talk? Remember PRISM, anyone? Because it sure remembers you...
Related Resources:
- China Responds to U.S. Intelligence Call for More Digital Security (KitGuru)
- Does Your Firm Need Mandatory I.T. Security Training? (FindLaw's Technologist Blog)
- It's Time to Get Rid of Passwords: 5 Alternatives to Password Security (FindLaw's Technologist Blog)
- Is Copyright Law Protecting Corporate Cheaters Like Volkswagen? (FindLaw's Technologist Blog)