Data security fears on airline loaned devices addressed
Data security fears allayed as regional airlines work around recent bans on laptops on US, UK-bound flights
Best practices coupled with the right security tools can mitigate any security issues arising from sharing devices, as regional airlines work to get around recent bans on laptops on flights.
After the ban on laptops by the US on flights originating primarily from airports in the Middle East, Emirates, Qatar and Etihad airlines offered to lend laptops and tablets to customers.
With rampant security threats, there were fears malware could be spread via shared devices.
However, experts contend that with proper security measures taken into consideration, the stop-gap measure should roll out fairly painlessly.
Haider Pasha, chief technology officer, emerging markets at Symantec, sees little difference in risk between sharing devices and the now widely accepted use of public Wi-Fi or PCs in internet cafes. If one fails to responsibly protect the machine, their identity, and data, they are at risk of compromise, wherever they access the internet, Pasha adds. For example, most web browsers cache data such as websites visited, usernames and passwords, and a shared machine may already be compromised by keystroke-logging malware that stores a record of every keystroke entered. “The responsibility lies on both the sharing party (airlines in this case), and yourself; strong cyber security hygiene is necessary on both sides,” Pasha observes.
Middle East airlines are fairly sophisticated when it comes to IT security, Ihab Moawad, regional VP Mediterranean, MEA, Turkey and CIS for Trend Micro contends.
From the airline standpoint, making sure the laptop is kept updated with the latest security patches is essential, says Pasha. As a start, there should be a clean baseline image created as a template to be used for every laptop, Pasha asserts. This baseline image should disable any unnecessary applications, network ports, and processes. It should enable a unique password for each user, leverage advanced endpoint security protection tools, use disk encryption, and only allow USB access once it has been scanned for vulnerabilities. Upon completion of use, this laptop should be reimaged and any stored data completely destroyed; Virtual Machines are a fast and simple way to reset images.
From a user standpoint, one should access critical services using encrypted channels such as SSL (email over a secure HTTPS browser for example) or Virtual Private Networks (VPNs) if supported. Organisations worried about data being accessed on shared laptops could consider VPNs to virtual desktop environments with multi-factor authentication. Some VPNs scan the requesting machine for vulnerabilities before a secure tunnel to corporate is set up, Pasha explains.
Qatar Airlines has indicated it will allow customers to use USBs.
If that happens, the airlines should mandate that all USBs be scanned by advanced endpoint security tools such as day-zero protection tools which typically use machine learning and behavioural analytics, Symantec’s Pasha says.
Depending on the kind of access allowed, various security measures can be carried out on the laptops. If it’s a thick client (that is, a fully-fledged laptop with all the applications running), a USB that is enabled but not secured would constitute a major risk.
If they decide on a thin client where all documents are accessed and saved on the cloud, the risk is even lower, provided that whatever cloud they are using is secure, says Moawad. Data loss prevention (DLP) solutions further restrict what can be read or written to the USB, and will scan a USB for malware before it gets any connection to the laptop.
That said, if airlines are going to allow USBs, they need to put in more sophisticated AVs on the laptops, Moawad stresses. “These are not signature-based anti-virus but the new intelligent machine learning solutions that can learn the behaviour of the malware as soon as one enters the laptop and decide whether it’s malicious or something that should be allowed.”
At the corporate end, many enterprises today have security controls in place, such as scanning, including AVs and APT solutions, Moawad notes.
Security companies can certainly help. Moawad says Trend Micro and others have a variety of solutions that can help, including specific solutions for airlines such as Safe Lock, which essentially provides a piece of hardware that can never be written to.
Those organisations that have already embraced mobility would face even less disruption. Modern mobile workspace solutions, such as the Citrix Workspace Suite, provide the apps and data workers need on any device, securely.
The ban has raised questions from business travellers about the impact on their productivity as well as the risk of devices being lost or damaged in transit, notes Arthur Dell, director, technology and service, MEA at Citrix. “Our workspace suite allows Citrix customers to securely access desktop, apps and data from any endpoint at any time with minimal disruption.”