The fragility of road-warrior security

It is often said that the weakest link in the IT security chain is the human being. In our technological age it is inconceivable to travel without network tethers such as a laptop PC, mobile telephone or e-mail PDA. The road warrior is connected 24/7 to his home, corporate office/clients/partners and the Internet. What has occurred in the 21st century is that all of this technology is taken for granted, and security is never a primary issue or concern.

Over the past few months, I have heard one horror story after another about the most obvious and blatant form of security issue - reading a neighbor's laptop screen. Think about how many times on a plane, at an airport or in a restaurant, you look over and happen to read the display of someone next to you. It's only natural that our eyes wander. Most of the time the images and text are mundane, but every once in a while you recognize something that relates to your personal interest, occupation or company. In all probability, the other person doesn't know who you are or that he is committing a grave security breach.

Stories abound of mergers and acquisitions, leveraged buyout deals, real estate purchases, sales opportunities or job interviews that were successful because the competition's presentation or instant message conversation was viewed on a flight or in a coffee shop. This is not a network problem but a human problem that can be fixed by mandating corporate use on all corporate laptops of a privacy filter/privacy screen/security screen/screen guard that prevents anyone looking over your shoulder at the laptop display. Simple yet elegant.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

It is often said that the weakest link in the IT security chain is the human being. In our technological age it is inconceivable to travel without network tethers such as a laptop PC, mobile telephone or e-mail PDA. The road warrior is connected 24/7 to his home, corporate office/clients/partners and the Internet. What has occurred in the 21st century is that all of this technology is taken for granted, and security is never a primary issue or concern.

Over the past few months, I have heard one horror story after another about the most obvious and blatant form of security issue - reading a neighbor's laptop screen. Think about how many times on a plane, at an airport or in a restaurant, you look over and happen to read the display of someone next to you. It's only natural that our eyes wander. Most of the time the images and text are mundane, but every once in a while you recognize something that relates to your personal interest, occupation or company. In all probability, the other person doesn't know who you are or that he is committing a grave security breach.

Stories abound of mergers and acquisitions, leveraged buyout deals, real estate purchases, sales opportunities or job interviews that were successful because the competition's presentation or instant message conversation was viewed on a flight or in a coffee shop. This is not a network problem but a human problem that can be fixed by mandating corporate use on all corporate laptops of a privacy filter/privacy screen/security screen/screen guard that prevents anyone looking over your shoulder at the laptop display. Simple yet elegant.

Remember the old adage: Good fences make good neighbors. This becomes even more of a mantra when we look at road-warrior network security. That ear piece networked to your mobile phone is part of another problem. No only do we tend to talk in public at a volume that brings the entire room into our conversation, but we forget wireless technologies such as Bluetooth can be open to access unless device/user-specific identification is used for connectivity. It is possible to listen to both sides of a conversation in this manner unless the corporate user is mandated to invoke simple Bluetooth security options.

Remember the old adage: Loose lips sink ships. It is a constant source of humor to network-savvy industry analysts how PCs and other devices are open and accessible in a briefing room full of industry analysts. Using off-the-shelf software, one can not only share the connection but also record keystrokes and screen images from a laptop. This type of security issue is becoming more relevant with the proliferation of Wi-Fi public/semi-public hot spots and Wi-Fi telephones. The agreement between the start-up FON and Time Warner Cable will let home and corporate broadband customers turn their connections into public/semipublic Wi-Fi hot spots. Although popular in Europe, connection-sharing is shunned by most other U.S. ISPs.

Connection-sharing is accomplished using a FON router (La Fonera) that splits a Wi-Fi connection into two channels: a secure, encrypted path for the FON user (Fonero) and an open public path for neighbors or passersby.