A frequently suggested control to reduce these risks is the use of a clean laptop for travel. Some organizations re-image Windows-based notebooks for each trip. While there are advantages to using a familiar operating system, another option is a Chromebook. I have tested different approaches over the past few months, but before jumping into security, it is important to consider hardware and software.
At around $450, the Toshiba Chromebook 2 CB-30 is equipped with an Intel Celeron processor and 2 GB of RAM. When surfing the web with multiple tabs, the CB-30 experience resembles an entry-level PC. The screen is reasonably bright, but I find it slightly too reflective in bright light. Overall, it is a decent computer for the money.
Dell was kind enough to lend me a Chromebook 13 with an Intel i3 processor and 4 GB of RAM. Currently retailing for over $1,000, the Chromebook 13 is more expensive, but offers significantly better performance and a gorgeous display. It looks, feels, and runs like a business-class PC. Dell also offers a lower cost Celeron version.
All Chromebooks run the ChromeOS operating system from Google. Lower-end devices tend to become sluggish when multiple browser tabs are opened; higher-end Chromebooks are built on the same hardware as mainstream Windows-based notebooks at similar costs.
ChromeOS’s primary strengths and weaknesses both arise from the operating system being built around the Chrome browser. The operating system boots lightning fast and is as intuitive as a web browser. Resetting a Chromebook to factory defaults, including securely removing all data, is quick and painless using the PowerWash feature, but an Internet connection is required to log in for the first time.
Organizations that use Google for Business are in luck. As expected, Google Mail, Calendar, Drive, Docs, Sheets, Slides and other browser-based apps work flawlessly. Microsoft Office 365 also works well, allowing web-based access to mail and the online versions of Word, Excel, and Powerpoint. Those who primarily work online when travelling may find a Chromebook meets their needs. Many will also enjoy the simplicity and reliability of the operating system.
On the other hand, travellers who regularly use their notebook without an Internet connection will find the Chromebook frustrating at best. With Google’s offline file synchronization, it is possible to edit documents offline. However, should a serious operating system or authentication issue occur, the Chromebook effectively becomes a paperweight until connected to the Internet. Since it is not possible to install the Microsoft or Apple productivity suites on a Chromebook, those who make use of time on aircraft to edit documents may not find it suitable.
Prior to leaving on each trip, I used the PowerWash feature to return the Chromebook to factory defaults. Because ChromeOS enforces mandatory encryption, and the PowerWash feature deletes all accounts and associated encryption keys, this step ensured that no personal or business data remained on the Chromebook. Upon arrival at my destination, I powered on the Chromebook, entered my Google Apps credentials, completed the two-factor authentication, and within seconds I had access to my email and files stored in Google Drive.
Since I often write in Google Docs, I was able to compose and file my column with ease. I also was able to access notes using the Evernote app. On a few occasions the Chromebook lost Internet connectivity, but I kept working and Google Docs synced when connectivity was re-established.
Using the beta Secure Shell app, I was also able to load SSH keys from an Apricorn Aegis encrypted USB device and connect to remote servers via SSH. VPN continues to be a weak point for ChromeOS, but I eventually created a working .onc file and was able to establish an OpenVPN connection back to my office.
Before checking out of the hotel, I again used the PowerWash feature to erase all data from the Chromebook and powered it down. This process confirmed I could cross international borders with a clean laptop, and still be able to work from my destination. However, the drawback was that I could not work offline during flights.
Some airlines offer in-flight Internet connectivity, and it may therefore be possible to log in to the Chromebook, use it during flight, and PowerWash prior to landing. However, if Internet connectivity is not reliable, this scenario could result in lost data or an inability to use the Chromebook at all. So the second scenario I tested was using a dedicated Google account for travel.
Like other trips, prior to leaving I used the PowerWash feature, but then logged in using my travel account. This account is configured for privacy, including turning off Google’s search and location histories. I delete any email received to the account and empty the trash. The only data is in Google Drive, where I share a few folders with my main Google Apps account. I also enabled Google Drive’s offline mode so that Google Docs, Sheets, Slides, and Drawing files would be stored locally on the Chromebook.
While less secure than travelling with a totally clean Chromebook, this approach facilitated writing offline. I could access selected files, such as other articles I had recently written, and by creating new files in the shared folder they would automatically be available to my primary account. This compromise meant that a very limited amount of data would be stored on the Chromebook while crossing the border.
At my destination, I tested two options for accessing my primary email. The first was simply to open an incognito window in Chrome and log in to my primary account. Once logged in, clicking through to Google Drive opened another incognito tab, from where I could file my column by sending it as a .docx file from Google Docs. This approach worked reasonably well as long as I remembered that the mail icon in ChromeOS would open my travel account, not my primary one. The other option I tested was to create a second user account on the Chromebook, log in with my primary address, and then log out and delete the user prior to catching my return flight.
Compared to laptops running Windows, OS X, and Linux, Chromebooks offer better security, but at the cost of reduced functionality. Travellers who require applications not supported by ChromeOS, work extensively offline, or travel to destinations without reliable Internet should consider other options. But those who can work with what ChromeOS does provide should seriously consider a Chromebook for international business travel.
Have a security question you’d like answered in a future column? Email email@example.com
SAMSUNG GALAXY S8 PLUS
The Samsung Galaxy S8 Plus is a beautifully crafted smartphone with nearly no bezel, curvaceous in design and reflects a…
How to: Connect to Exchange Online Using Multi-Factor Authentication
Using PowerShell to manage your Microsoft cloud services like Exchange Online and using multi-factor authentication (MFA) separately is awesome. Using…