Keeping your data safe when traveling

Our whole lives and livelihoods are wrapped up in our data.

That data is especially vulnerable at border crossings and in unfamiliar environments.

There are plenty of security products available on the internet for the privacy-minded traveler – if you feel like going shopping, a quick search will turn those up for you.

And if you really want an excuse to travel with a laptop and phone that you’ll acquire solely for your trip and then dispose of when you leave, you certainly can, but most people won’t.

But here are some tips you can use without spending tons of money on extra security gear.

Getting there – keep it encrypted, and travel light

If you need to bring data with you, make sure it’s encrypted with full disk encryption, and that your computer is turned off – not merely on standby – so that there are no encryption keys left in memory.

Keep in mind that border officials in some countries can require you turn on and unlock your devices, and they may be allowed to make and keep copies of your data, as a condition of entry.

If you refuse you might be denied entry, or even detained. So think of encryption more as protection from data loss should your hard drive or machine be stolen or physically lost.

If this is unacceptable to you, travel light and leave your devices and their data at home.

It depends on what’s at risk for you and what your tolerance for risk is, but less you have with you, the less you have to lose.

When you’re there, mind what you connect to

Think before you charge a device using a USB port on someone else’s device, even if it looks like a plain old charger.

Consider carrying a cable or adapter of your own that you know has only its power wires connected – if the USB data wires are missing from the cable then it then can’t be used to sneak data onto or off your device.

Also, if you rent a car, avoid pairing your phone with its computer system, no matter how convenient that might be. You may end up leaving behind more than you intended, including your device name, contact data and call details.

When it comes to accessing data remotely, stick to basic internet hygiene procedures.

Avoid accessing sensitive services via public access points, and consider using a VPN to encrypt all your network traffic (if local regulations allow) back to your home or company network to reduce the amount you leak out to eavesdroppers.

Final note

If you’re traveling abroad and not bringing any of your kit with you but plan on accessing your cloud-based services from a new computer, remember that your new device and new geolocation could trigger security alerts on your account.

At the very least, if you have 2FA (two-factor authentication) enabled on your account (and you should if you have the option!), make sure you have your token generator or phone with you so you can get access.

If you use SMS to receive your 2FA codes, you’ll want to be sure your phone plan allows you to receive SMS while abroad. (This is something you can resolve while abroad, but it’s a lot easier to take care of before you leave, speaking from personal experience.)

Similar advice applies if you use a password manager: make sure you have the tools to access it on the go, such as the token generator if it’s locked with 2FA.