You lucky thing, you’re going to PyeongChang to see the 2018 Winter Olympic Games. I wish I was at the Olympics to cheer on women’s hockey, myself. Let’s look at what you can do to be secure from a perspective of application security while on your trek.
Step 1: First and foremost, get a burner phone. Right now, your phone can be confiscated and opened at any border crossing for the sake of the security of the country you’re entering. Consider that carefully as you decide whether to take a corporate phone or a personal phone upon which you have actively taken political positions.
Step 2: Heads up that if you have a fingerprint entry, you can be mandated to use it to access your apps. Security cannot force you to provide your password or to do the password dot connection; however, your fingerprints are public record and on file, and thus can be insisted upon. I’d go with the pattern password option only.
Step 3: Turn off your geolocation services for apps wherever possible. You don’t want to be stalked in a foreign country. Resist the urge to “check in” from the Olympics and remember that South Korea is full of very savvy programmers. If it helps, pretend you’re at DefCon or Black Hat and go in with that level of paranoia. And for the love of everything, do NOT announce loudly to everyone and on your voicemail message that you are out of the country—don’t make it easy for thieves to decide to break into your house and steal your Roomba.
Step 4: At the Olympics, you may be tempted to download quickie apps you see on posters or flyers. Who wouldn’t want up-to-date medal counts and schedules at your fingertips? Don’t do it there, and only download from a reputable store such as Google Play or Apple marketplace. The official marketplaces have content policies and do their best to pull down malicious apps at a decent pace (most of the time). Check to see that the app is well-rated and very frequently downloaded. These are good clues that it’s a legitimate application.
Step 5: Avoid peer-to-peer networks like the plague. File-sharing websites are hugely prone to malware and trojans. Don’t save money and get a free app for now, then discover your app is sending out embarrassing tweets and SMS messages on your behalf. Try to avoid uploading all your photos daily to Flickr while you’re abroad—there are Sidejackers in coffee shops who would love to slip something into your feed while you do. Instead, buy a spare memory card and take your photos home in your pocket to upload there. You have been warned.
Step 6: Read the fine print on anything you download. You’re often asked to give the developer permissions for information and abilities, including keeping your phone from sleeping, reading who you’re calling (and who is calling you) and accessing the internet on your behalf. And NEVER offer up your images/pictures to a new app you just downloaded. If the app can make calls or send texts without your permission, those can be used by scammers to rack up expensive texting charges.
Step 7: Stay ahead of the bad guys. Update all your mobile devices and laptops before you leave. Do some research, and make sure you have a good phone A/V program for whatever platform you’re on. And tug on all ATM card slots you use abroad to make sure there are no skimmers attached to them.
And next time, take me with you. I want to go to the Olympics, too. Come find me on LinkedIn.