The advice below applies mostly to endpoint security, that is, the laptop or desktop you’re working on or traveling with.

1. Encryption

Problem: If you are mobile, the risk of physically losing your device (e.g. theft) or of physical damage (e.g. accidents) is very high. If your laptop is stolen, forgotten or misplaced, all of your data is in the hands of whoever has it.

Solution: The solution is to use full disk encryption on your hard drive. With full disk encryption your data will remain safe. Unlike a simple account password, which can be circumvented easily, an encrypted disk cannot be accessed without your password. This way, if you do lose the device, at least you are not losing your data to a thief.

Read more about encryption: https://en.wikipedia.org/wiki/Disk_encryption

Windows – BitLocker Price: Free https://docs.microsoft.com/en-us/windows/device-security/bitlocker/bitlocker-overview

Mac – FileVault Price: Free https://support.apple.com/en-us/HT204837

2. Backup

Problem: Theft or damage. If you do not have a backup your data is lost. If you accidentally download a virus or ransomware your data is lost.

Solution: The only solution is to have proper backups in place. Being mobile, your best bet is the cloud. In my experience, Backblaze is the best option for personal cloud backups. It is very affordable at $5 for unlimited backup data. The program works very well on Windows and Mac (I use both personally and for clients). If you need your data restored fast, Backblaze will physically mail you a hard drive with your data on it. Depending on how much you have backed up, this could be faster than waiting for it to download.

Read more about Backblaze: https://www.backblaze.com/

Windows/Mac – Backblaze Price: £4 per month for unlimited storage

Windows/Mac – Google Backup & Sync: Free for limited storage, tiered pricing including £7.99 / month for 1TB.

3. VPN

Problem: Since you’re mobile, all of the networks you connect to are out of your control and should therefore be thought of as unsecured. No matter where you are, you could fall victim to a packet sniffing or man-in-the-middle attack. Even the business or cafe whose network you’re connected to could inspect or decrypt your connection; it’s not unheard of. If you are a victim of such an attack, your browsing history and content, including in some cases personal information, will be vulnerable.

Packet Sniffing: http://www.dummies.com/programming/networking/cisco/common-network-attack-strategies-packet-sniffing/

Man in the Middle: https://us.norton.com/internetsecurity-wifi-what-is-a-man-in-the-middle-attack.html

Solution: To mitigate issues such as these, it is recommended to use a VPN at all times. In layman’s terms, a VPN creates a secure tunnel to pass information through. In the example above, if you are being targeted for a man-in-the-middle attack, all the attacker will “see” is your connection to the VPN. Everything is safely passed through this VPN tunnel.

I recommend PIA (Private Internet Access). They are cheap and, in my experience, very fast with little to no issues. You can read about different VPN options on Google. I prefer to stick with the bigger names out there. PIA gets criticized for being US based (people use VPNs for torrents and illegal activities). However, since I am only using it to protect my connection, I am not concerned about those issues.

Read more about VPNs: https://www.bestvpn.com/vpns-beginners-need-know/

Windows/Mac/iOS/Android – Prices average £5 per month for 5 devices, unlimited bandwidth

4. Email Security

Problem: If you’re a professional, you should have a domain and an email account at that domain, for example “you@yourbusiness.com”. A mainstream enterprise email account comes with many features you’ll want to have, such as 2FA, a powerful built-in spam filter, and other security features to protect your inbox.

The biggest issue with email, though, is phishing attacks and infected attachments. The best solution for this is non-technical: it is about user education and vigilance. Read up on phishing and never open any attachments you are not expecting. If you’re even a little suspicious, run the attachment through a virus scanner before opening it. Also be careful of random links and always verify the link address.

Phishing: https://www.tripwire.com/state-of-security/security-awareness/6-common-phishing-attacks-and-how-to-protect-against-them/

Verify Links: https://www.lifewire.com/how-to-test-a-suspicious-link-without-clicking-it-2487171

Solution: If you do not already have it, I highly recommend switching to Office 365 or Google GSuite. Both offer great email service and are very secure, with really good built-in spam filtering. If you need to purchase a domain, I recommend NameSilo.

Windows/Mac – O365/GSuite Price: £5 per month per user

GSuite: https://gsuite.google.com/pricing.html?tab_activeEl=tabset-companies

O365: https://products.office.com/en-us/compare-all-microsoft-office-products?tab=2

5. Account Security (Password Complexity + 2FA)

Problem: Your passwords are very vulnerable. There are many ways your password can be exposed. You most likely have many accounts and reuse passwords. Secondly, passwords can be leaked (look at the latest HBO breach) or someone could simply look over your shoulder while you type your password.

Solution: Utilize a secure password manager. I recommend Dashlane or LastPass. Both offer a secure “Vault” for your passwords and securely back them up. By using a password manager you only have to remember one password, the one to the vault. Once in, you’ll have access to all of the other passwords. Another benefit is that they offer security recommendations and will notify you of accounts with weak passwords or accounts that have been publicly breached. By using the password manager you can set all of your passwords to something very complex and unique without having to remember it.

Secondly, and most importantly, enable Two Factor Authentication on every account you have that supports it. With 2FA your accounts will be secure even if someone has your password. Simply put, you have to enter your password and then enter a secret code that changes every 30 seconds. If your attacker does not have this code, they cannot access the account even with the password.

That secret code or the second factor of authentication is generated through a token. The easiest way is to use an authenticator app on your phone. I highly recommend Authy. Authy can store multiple 2FA accounts and securely backs up your tokens to be accessed from a computer if you lose your phone.

Two Factor Authentication: https://en.wikipedia.org/wiki/Multi-factor_authentication

List of services that support 2FA: https://twofactorauth.org/

Windows/Mac/iOS/Android – Lastpass/Dashlane/Authy Price: Free

Dashlane: https://www.dashlane.com/

LastPass: https://www.lastpass.com/

Authy: https://authy.com/

Extras

Cisco Umbrella, Webroot, VirusTotal

If you’re super paranoid about your endpoint protection, you could utilize a web filter such as OpenDNS and a full-fledged AV program such as Webroot.

Additionally, I recommend bookmarking VirusTotal. It is a free online service you can upload files to for virus scanning using 56 different AV databases. This is great for quickly scanning suspicious files or attachments before opening them.

Open DNS: https://umbrella.cisco.com/products/features

Webroot: https://www.webroot.com/us/en

Malwarebytes: https://www.malwarebytes.com/

VirusTotal: https://www.virustotal.com/#/home/upload