It was creepy.
A noted journalist was in my office. I granted him permission to connect to the organization’s computer network.
After that, he told me that he was going to connect to a “virtual private network.”
I remember wondering what kind of Bob Woodward, James Bond or — er — Larry Flynt activities this person was up to. Why didn’t he trust our network security? What was he doing that needed such extraordinary secrecy?
It turns out that he was doing what all journalists should do. He was just being safe.
Efficiency vs. security
News professionals learn early in their careers about the importance of protecting important sources. Although many will never deal with sources as mysterious or important as Watergate’s Deep Throat, it is probably safe to assume that most reporters will deal with information that is best kept secure.
Ironically, the efficiencies of online and mobile devices may be putting the reporters and their sources at risk. A reporter who loses an unprotected phone or USB drive could inadvertently disclose volumes information about themselves and their sources — and cause irreparable harm.
It need not be so.
Security does not need to be mysterious or overly technical. And, protecting this stuff can actually be fun.
To start, it might be useful to quit thinking about cybersecurity and start thinking about common sense.
For most reporters, cybersecurity should probably be the digital equivalent of locking windows, doors and file cabinets before leaving home. These measures won’t keep out professional criminals, but they will discourage the tempted hooligan.
Lock the doors, windows and file cabinets
News professionals can lock their digital front door by simply turning on a their smartphone’s digital lock. This will offer a significant amount of security in return for very little effort. That simple act can provide a level of security that even pros can find unbreakable.
Locking the windows — securing open Internet connections at coffee shops, for example — is a little trickier, but it’s still easy.
When journalists connect their computers and smartphones via WiFi to an unfamiliar network, there’s always the risk that the person at the next table might be capturing their data. This is especially true if the network is not protected by a security level called “WPA.”
Several vendors supply services that create secure Internet connections from almost anywhere. These are the “virtual private networks” that originally caused me to get “creeped out.” My wife and I use now use VPN’s all the time — and we feel uncomfortable when we’re NOT using them.
VPNs create a “tunnel” — a network inside of another network. And the tunneled network is encrypted. You do need to trust your provider. Still, as with the home security analogy, using a VPN is probably a better step than not using one.
In the digital age, securing sources means more than keeping names confidential.
After the front door and windows are locked, it’s time to lock the file cabinets. Portable hard drives, including USB drives, can be great time savers. News professionals can transport large amounts of video, text and photographs in their pockets. Likewise, cloud storage allows journalists to access their documents from almost anywhere.
Unfortunately, these technologies allow news professionals to lose lots of stuff very quickly, too.
There are some easy-to-use software programs to help with this. Some of the programs can lock USB drives and still allow them to be accessed from Windows and Mac computers. Some lock files. All of them protect sources.
For an easy start, reporters can even use some of the software that they’re already using. Microsoft Word can be used to encrypt and password protect documents, for example.
OK, so the doors, windows and cabinets are locked. Where are those darned keys?
Passwords without stickies
To keep passwords safe, secure and plentiful, it’s probably not best to write them on sticky notes and place them under the keyboard — the digital equivalent of putting the key under a rock in the front yard. Password management software helps users think up, remember and use very secure passwords. And it does this in a way that can be easier to use than those stickies.
This software unburdens the journalist of keeping track of multiple passwords while it also makes using passwords safer. And, many of the programs can double-dip as secure contact lists.
Finally, after the virtual home is locked, there are cyber-measures that are pretty low-tech. I equate these measures to being “street smart” after leaving the house.
Journalists should take care to see who might be looking over their shoulders as they type — especially in crowded places like coffee shops and airports. If they find themselves in this situation much, they should consider view restricting devices. These inexpensive polarized filters are not magic, but they do limit the angle of view of computer screens, cell phones and tablets.
And, they should consider that a device camera could be activated without their knowledge. A simple piece of masking tape over the camera provides absolute security in this matter.
And, of course, always use anti-virus software.
Just as a physical lock will not protect against a serious professional home burglary, none of this stuff will protect a reporter’s information from foreign hackers, domestic spies, etc. Still, simple measures may help journalists — and their sources — sleep a little better. Like locking the physical door, these steps should become part of reporters’ daily lives.
For more reading:
Larry Dailey is Co-Director of an emerging cyber security center at the University of Nevada, Reno. He is a professor of journalism and the Donald W. Reynolds Chair of Media Technologies at UNR’s Reynolds School. Dailey teaches courses in innovation, serious games and human centered news. He has worked for MSNBC.COM, The Associated Press and United Press International.