Laptop in Airstream

Electronic Security Tips

Airstreamers are becoming more and more dependent on the wonderful mobile devices that save us time and precious space inside our aluminum homes—and that’s a compelling reason to take a hard look at electronic security and backup options.

“I don’t want to be a bummer here, folks,” said Rich Luhr to his seminar audience at Alumafiesta, “but if you have a lot of data on your phone, or your laptop, or your tablet, it’s time to get serious about securing your devices and backing them up against failure.”
Luhr, Editor and Publisher of Airstream Life, offers the following smart tips. (Warning—reader discretion is advised. Until you adopt these measures, you might have trouble sleeping at night.)

There’s an app for that.

If you own an iPhone, iPad, iPod touch, or Mac, download “Find My iPhone”,  free from the app store. (Similar apps are available for Android devices.) If you misplace any of these devices, use this app on another device to locate the one that’s missing— or protect your data by remotely locking it, or even erasing all of its data. “Lost Mode” locks your missing device with a passcode and can display a custom message and contact phone number right on the screen—and you can keep track of where it’s been.

Basic rule #1: Password protect everything.

If you leave your machine on “sleep” without securing it with a password, someone, anyone, can wake it up and start snooping—or stealing. “Password protect all your devices, and don’t use the same password for every device or every service you use,” advised Luhr.

Get serious about regular backups.

“How many people are willing to admit you don’t back up your computer?” asked Luhr. (You know who you are.) “You need to get on a regular routine. A hard drive failure on the road is one of the worst things that can happen to you. You’ll be using the computer and suddenly the hard drive starts making a funny noise, and twenty minutes later it’s gone. Hard drives fail. It’s not a matter of if, it’s a matter of when.” You’re at particular risk if your computer is more than three or four years old. The time to back it up is now.

Consider carrying a portable hard drive in your Airstream for every computer you own, and run backups on a regular basis while you travel. At home, keep a second set of backup drives in a fireproof safe. “If your Airstream burns to the ground and you lose your laptop and backup, you’ll have files to restore, safe at home,” said Luhr. “Think about all the thousands of photos you’ve taken over the years, or that people have sent you—pictures of your grandchildren—images you could lose and never get back. Have one backup with you, and one away from you.”

Mac users, try Carbon Copy Cloner or use the built-in Time Machine backup utility. Backup before every trip, and often even when you aren’t traveling.

Your compromising data is already out there.

And no, we’re not talking about those nekkid pictures, either—your email inbox is filled with far worse. “All your old email is archived unless you actively delete it,” said Luhr. “When the wrong people get ahold of your email they start skimming through it; that’s the first thing they do when they steal a laptop,” he said. “They’re looking for passwords, log in IDs, social security numbers—anything that you’ve emailed or might have been emailed back to you that can be used to break into your accounts. If they can break into one, sometimes they use that to break into another, and it becomes a cascade.”

Luhr told the terrifying tale of someone who lost his computer—and nearly his identity. Using data found only in email, hackers entered his Amazon account and leapfrogged from there to find credentials, codes, recovery passwords and Apple ID. Eventually they even wiped his hard drive by remote control. “Everything went out the window,” said Luhr, “including irreplaceable photos of his daughter when she was first born.”

Encrypt your hard drive.

Meaning, you’ll set a password for your computer, and need to type it to unlock it every time you use it. “This takes you just a second,” said Luhr. “It’s simple. If somebody steals your laptop or hard drive, they can’t crack it.” Consider using full disk encryption on your laptop if your job depends on it.

Be cautious about public wifi networks.

“I don’t like ‘em,” said Luhr. “I think if you have the choice of your own cellular connection—your phone’s ‘personal hotspot’, MiFi, or Jetpack—that’s a far safer way to do anything online. Public wifi can be hacked.”

If you do use one, make sure it’s one you know; your KOA-supplied connection is safer than the dreaded “free public wifi”. If you see that in your connection drop down menu, “run away,” cautioned Luhr. “That’s what hackers use as their ID to try to get you to join it.”
Sadly, it’s no longer safe to use the computers in a cyber cafe or hotel business center, either. “Unless you’re just printing, do not use any public or borrowed computer for any site that requires login. It’s not worth it,” said Luhr. “That computer could be compromised in so many different ways. We all have our own computers now. Don’t use any other unless it’s an absolute emergency.”

The next big thing: Two-step authentication

“Passwords are becoming passé,” said Luhr. “They’re not enough anymore.” For one thing, they’re too easy to guess—the most popular choice is still “password”, followed by the equally lame “123456”—and even a word that’s special to you is subject to computer-generated “dictionary attack”. “Sooner or later if you’re using a real word—something like ‘airstream’—they’re going to get it,” said Luhr. “It’s just a matter of time.” That’s why you’re likely now building your passwords from a combination of lower case letters, an uppercase letter, numerals, and symbols. (When you choose a new password, keep submitting ideas until its designation moves from “weak” to “strong”.)

“All they need is that one piece of information to eventually get into all your accounts, which is why two-step authorization is a great system for enhancing security,” said Luhr—especially for sensitive sites (like a banking service) that are restricted to absolutely everyone other than you.

It’s simpler than it sounds: two-step requires something you know (like a pet’s name) along with something you have (like your phone or credit card). When you key in your password a site will “know” your computer, but will be suspicious if you log in from another device; you’ll then be required to prove that you know more. A popup alert will announce that a security key—usually a 6-digit code—has been sent your phone number on file; use that code to enter the site you need back on the computer. “That’s a one time confirmation, that proves that I know the password and I’m holding the phone in my hand,” said Luhr.

Once considered overkill, two-step authentication is now becoming commonplace, and only takes a minute to set up. Definitely use it for high-security, financial applications whenever available—and consider it for email, websites, even social media, too. “Any service that offers it does so for a really good reason,” said Luhr. “If they offer it, give it a try—particularly for your email. That’s the biggest security hole that you have, with the most information about you in it.”

“Even social media gets hacked,” said Luhr. “Facebook, Twitter, Instagram—and it only takes one hack for people to get a lot more information about you than you ever thought possible. It’s almost eerie how much information is online these days, even for those of us who don’t go online.”

Get a password manager.

So now you’re fortified—good for you. Every device you own is secure and recently backed up, and all your online accounts are password protected with a different combination of letters, numbers, and symbols. But, c’mon. How are you supposed to remember them all?

“You’re right,” said Luhr. “You’ve got two hundred different passwords, and I’m sorry, but none of us over fifty are going to remember them all. It’s not gonna happen.” And writing them down? That’s a bad idea. “My mother did what a lot of people do: wrote all her passwords down on a big piece of paper and tacked it to a bulletin board, right next to her computer. If somebody broke in and took the list, that would be a disaster. I said ‘Mom, you need to get a password manager’.”

There are several good ones to choose from, and Luhr uses mSecure. “It keeps all your passwords, on your phone, in encrypted form where they can’t be hacked, always with you, in one safe place,” he said. “All you have to do is remember the password for mSecure.” (Of all your passwords, this is one to ensure it’s rated “strong”.)

Log in and tap to look up your passwords and associated handy details, including the URL it belongs to and usernames. The passwords appear as a series of dots, obscured until you’re ready, from prying eyes that may be looking over your shoulder.

“It’s one of the more expensive apps you’ll buy,” said Luhr, “but I strongly recommend it. Think about the cost of the information you have. Data security is the reality of our lives today.”

– By RG Coleman