So you have it all????

So you have it all, Wi-Fi in the office and a data stick when you are travelling, messages get to you via SMS or push email to your blackberry or iPhone. From your laptop you login securely to your office network, download documents and upload changes and reports. Your administrator automatically checks that you have the latest updates on your laptop and that your anti-virus and Trojan systems are current. In short you are as safe secure and well informed out of the office as when you are within the physical walls.

Then comes the holidays, you don’t need to be in constant touch, you know the team you have left behind are more than able to hold the fort for the few weeks you are away… Yet just to be on the safe side it would be wise to check in occasionally, there is bound to be something you have forgotten to mention, a verbal deal not yet finalised, a bill unpaid or an appointment remembered.

So what are your options? You still have the data stick and with data roaming turned on you can communicate exactly as you did before, but this time with charges from £2.50 per megabit that is £20 per megabyte (data roaming on your smart phone comes in at the same price).

You can buy a data stick from the country you are in, pay as you go options are available in most countries or if you are a regular visitor a monthly contract works out cheaper.

Purchase Wi-Fi access from a provider on a contracted minutes usage or on unlimited access for a period (24hrs, week, month).

Or cheapest of all find free Wi-Fi access points.

However before any of that you need to prepare your laptop for the low data environment you are going into. With the high availability of cheap communication in the UK our IT systems are designed to make use of the almost continuous connectivity to the Internet. Legitimate programmes installed on our laptops will at some point connect back to the manufacturer, to check for updates, authentication and validation or offers and upgrades to your current version.

Your operating system too will check for updates and if you’ve agreed to participate in feedback about your usage.

Many of these lookups can be disabled and all can be stopped via your firewall. So ask your IT administrator to setup a travelling profile for you with only the minimal essential communication with the Internet.

Your email client can be set to download only header information, which is who it is from, the subject of the message and the first couple of lines. You then can decide which messages warrant the complete download once you have read the headers. You can set outgoing messages to be text only, it’s the graphics we use in signatures and the fonts and colours that bulk up the size of our emails.

If you are going for a data stick purchase or a Wi-Fi provider, then this is best done ahead of your trip.  Google for Telecom providers in the country you are to visit most will have a version of their website in English. You can collect the data stick from a local shop or have it delivered to your hotel/apartment; some will even ship to the UK. For Wi-Fi you need to search in the town you will be staying and here the information is more difficult to get. You may be visiting Spain but the Wi-Fi provider in your holiday town is German and the site can only be translated via Bablefish/Bing/Google, also you get very little indication of coverage. In my experience this type of service is best purchased on a second visit after you have established who has the best coverage in the locations you travel to. However, the best coverage can be the provided by the local council and be a private network only accessible to council employees. Purchasing Wi-Fi can be a catch-22 scenario, requiring access to the Internet in order to register and pay for your Internet access. Some providers issue a Wi-Fi access code or password (this is common in Hotels) others provide an open access which redirects to their website where you enter the authorisation code (a few will offer the ability to purchase access via their website).

In my opinion the best access is via the free Wi-Fi providers, these are usually bars or restaurants that use the Wi-Fi as a marketing tool to encourage customers, however few will actually advertise the service and of those that do some only have the sticker and an excuse as to why it isn’t working today.

If you’ve a smart phone with Wi-Fi capability, then walking past bars and restaurants with an eye on the readout will tell you where access is available. The signal will show up quite a distance from the actual location and quite often the name of the Wi-Fi connection will be that of the Bar so you can easily identify the owners.

Failing a smart phone then look for the visual clues, youngsters sitting in the bar with their laptops out, more than one less than ten.

Bar use isn’t without its caveats, first the obvious, coke or beer in the keyboard does not prolong the laptops active life, more seriously this type of wifi is an open system, your computer can be seen on the system and the traffic you generate can be seen. It could be the teenager on the table across the bar bored with website access that decides it would be more fun to see what everybody else is doing and connects to your machine to look for interesting files or the proprietor of the establishment can be totally honest, but the equipment he is using might not.

In the news recently we had the information that credit card chip and pin readers, recently shipped had code installed that stored your Credit card details along with your Pin number and emailed it out to a criminal gang, so adding sniffer systems to internet routers for wifi is comparatively very simple.

However everything is not on the side of the criminal. Ensuring your firewall is up and correctly configured (best done by your IT admin before you go on holiday) stops direct access to your computer. Using a secure VPN connection back to the office means all that traffic is unreadable. This connection is best made using a certificate issued by your office rather than just a password that can be easily replicated. If you are going to browse to sensitive information or go to a web site to purchase items using your CC, then browse only through your VPN connection. This may be slower, but you will have all the protection available at your home office.

Only collecting emails; again ensure that it is an encrypted conversation, i.e. your connection to your external office email is via SSL, just like when you are browsing to a secure website, on that begins with https://.

Use your wifi connection sparingly, drop it when you are composing messages and reconnect to send.

These problems still exit even when you are using a wifi provider. Although their systems will have been thoroughly checked, you are still open to having your conversation snooped upon. The majority of providers still use WEP for encryption, but the last world record for cracking a WEP encryption code is 3.2msecs. Also beware if the signal strength from your provider is better than usual, it could be someone is spoofing a relay point and channelling all your traffic through their systems before passing it on to the real provider

By taking sensible precautions you can enjoy trouble free access from anywhere in the world and how can you better this excuse for a drink, ”I’m sorry I just need to nip down to the bar to send my emails.”

**Jordi Morell, Obsidian Networks 14/02/2012**