BLOG

A great tool for anyone who travels frequently, especially to countries that may not have the same measures of freedom as in America, is a USB drive that contains portable tools that can be run on any computer. Cybersecurity students need to understand more than what just goes on in a server room or office space. The necessity for digital security today extends into almost every area of life. In a previous article, I discussed the importance of professors preparing their students with knowledge about common mobile security practices that can keep employees safe when away from the office. A specific practice that can be beneficial in this area is to create a mobile set of tools stored on a USB drive that can be run on any computer in case of emergencies. 

The Importance of Portable Tools 

There are a variety of tools that can be helpful, and including as many tools as possible should be the goal of any security professional looking out for the needs of their customers. If a program can be run without the need for installation within an operating system or the need for administrative rights on a computer, it increases its mobile value. Cybersecurity professors should show their students the value of this type of mobility, as there are times when some systems become unreliable, and one must use alternate systems that are not completely trusted. The first place to start is to have a mobile virtual machine emulator, similar to VMWare or VirtualBox, that can run entirely from a USB drive. 

Qemu: A Mobile Virtual Machine Emulator 

Qemu, the quick emulator, can emulate physical machines and their associated hardware components and manage virtualized operating systems that utilize the emulated hardware. It is lightweight and portable enough to be run off of a high-speed USB drive, which increases its portability, and is flexible in its management of virtual disks that can be compressed or encrypted as needed. Qemu is also able to work with multiple operating systems, which makes it an excellent platform that any cybersecurity professional can use to build a mobile communications and security platform. One thing professors should key in on when dealing with emulators is that very few have the capability to run completely from a USB drive. This sets Qemu apart from others. The next thing to consider is a lightweight operating system that can run with very little overhead. 

Tails Operating System for Anonymity 

The Tails operating system has many advantages when wanting to maintain anonymity and communicate with others. First, Tails routes all internet communications through the onion router network (Tor) to hide IP addresses and physical locations that prevent, or at least greatly impede, the tracking or surveilling of activity. Next, Tails includes the advanced encryption capabilities necessary for email, secure file storage and retrieval, and various instant messaging capabilities. Most importantly, Tails does not leave behind any traces of information once it is shut down. It can be run on any modern computer with the assurance that the user is protected. Each of these capabilities is important for a cybersecurity student to be familiar with so they can provide the highest degree of security in any situation. In some cases, a complete operating system is not necessary, and one only needs a specific tool at their fingertips. 

PortableApps Platform for Flexibility 

The PortableApps platform allows users to select a series of applications that can be installed on and run entirely from a portable drive connected to a Windows-based system. It offers hundreds of open-source and free applications that fit many requirements and also does not record any activity to the host system. PortableApps can additionally be run from cloud-based storage or from within encrypted file containers. It is highly flexible with hundreds of applications, and some of the most valuable are the security tools that can run external scans for malware and correct other potential security risks. Cybersecurity professors should show their students that when a computer is no longer trusted, or has fallen victim to an attack, an external device is often necessary to secure and recover the system and transform it back into a usable state. 

Classroom Applications and Student Projects 

Within the classroom, it would be valuable to assign students a project of creating their own portable USB drive with these types of tools or other capabilities they may consider useful in different situations. Portability is important today and should extend into the security arena. This exercise would encourage them to explore and evaluate different categories of cybersecurity software, such as encryption, forensics, and network analysis. More importantly, it would help them develop practical skills in configuring and maintaining secure environments outside of a fixed system. A professor could also provide scenarios for them to work within so that they can tailor their USB toolkit to a specific situation. This would provide students with a deeper understanding of both the adaptability and responsibility required in real-world cybersecurity work. 

Preparing for Modern Security Challenges 

Computers were easy to protect 30 years ago, before many of the advanced persistent threats were created. Data theft was more often about physical documents than their digital counterparts, and a damaged laptop while on a work trip was only a minor inconvenience. These are not the realities of today. Today’s computing environment necessitates not only greater security measures but also creative security measures to be prepared for any situation. Professors need to prepare their students for every potential security reality. Students also need to be prepared for the unknown risks that will undoubtedly arise as technology continues to advance, and be given the critical thinking skills to adapt to new environments. Cybersecurity is the opposite of stagnant. It is always changing, and we must prepare the next generation of defenders in every way possible.