BYOD: Bring your own disaster

Have you ever heard of “BYOD”? No, it is not a pop band. Try again. It is short for “Bring Your Own Device” (the French use “AVEC” -  “Apporter Votre Equipement personnel de Communication”) and describes an option long since offered at CERN: the possibility to bring along your personal laptop, smartphone or PDA, use it on CERN premises and connect it to the CERN office network. But hold on. As practical as it is, there is also a dark side.

 

The primary advantage, of course, is having a digital work environment tuned to your needs and preferences. It allows you to continue working at home. Similarly, you always have your music, address books and bookmarks with you. However, as valuable as this is, it is also a responsibility. Laptop theft is happening - outside CERN but also on site. In France, 30% of stolen laptops were stolen out of cars or homes, and 10% during travel. At CERN, on average one laptop per month is reported stolen to the Computer Security Team. This can become a fully-fledged disaster: with the loss of your laptop, your music is gone, your photos, videos, doctoral thesis... but probably also your private documents, e-mails, bank statements (in your browser’s cache) and stored passwords (e.g. for your wireless access point at home). Worse still, depending on what your role at CERN is, sensitive Organization data might be lost too: contracts, preliminary physics results, MARS assessments, legal proceedings, medical files, job applications, etc.

Only 15% of the aforementioned stolen laptops were encrypted. What about yours? Protect your life and avoid thieves putting your photos onto the Internet(*)! Also protect sensitive Organization data. Use the built-in “Bitlocker” and "FileVault" features on Windows PCs and Apple Macs respectively in order to encrypt your hard disk. For Linux, many software solutions like "Truecrypt" can provide the means to protect your local data. However, take care with the corresponding password: once lost your encrypted data is also lost. Also note that there is currently no centrally supported solution for CERN. In addition, regularly back-up so that you don’t lose your “life” if your laptop disappears. Synchronise your professional laptop with CERN DFS or AFS, back-up your private laptop or Android device to an external USB disk, and use Time Capsule for Macs or iTunes for iOS devices. Finally, if your CERN laptop is stolen, file a report with the CERN Fire Brigade.

As for smartphones… On average, one mobile phone is stolen every 30 seconds in France. You might be able to perform a remote wipe to remove the contents, but if the thief removes the SIM card quickly enough, you’re screwed. Standard 4-digit PIN numbers can be cracked within minutes - you had better choose more digits. And no, there is no really good encryption software to protect your contents. In short, you had best keep both eyes on your smartphone all time. 

Check our website for further information, answers to your questions or help, or write to Computer.Security@cern.ch.

If you want to learn more about computer security incidents and issues at CERN, just follow our Monthly Report.


Access the entire collection of Computer Security articles here.

* This reminds me of a case of a young woman whose photos - taken by her boyfriend with her smartphone - were posted on a popular porn site by the thieves who stole her phone (recall our Bulletin article on Smartphone lost --- privacy gone).

by Computer Security Team