In a few days I’ll be on my way to France for about two weeks with my
girlfriend, and as I’m putting a few things together I thought this would be a great time to share some of the steps I take to protect myself while traveling.
There have been many great articles written in depth about securing your devices such as April Wright’s series, and the @thegrugq has great advice here. I highly recommend reading through these if you are looking for more in depth technical advice.
Know Your Risk
My goal is to not create an exhaustive list of how to protect your devices, but to share my approach to it as a regular traveller for fun and work. The majority of the time I’m on the road is for work, which means I need to balance accomplishing work with client confidentiality.
Overall my biggest concern is everyday criminal activity. Outright theft of my phone or laptop. This is always forefront on my mind whether I’m traveling internationally, walking around my home town, or commuting around Boston. I generally take the same precautions no matter where I am.
Some people may be concerned with their electronic devices being searched by border patrol, however, that is not one of my primary concerns. If you are someone with a legitimate concern about this, or other nation state adversaries, this isn’t the post for you. Instead, go follow the @thegrugq and read everything he’s written on the subject.
With that said, here are the top 10 things I do to increase my security for
travel.
1. Don’t Bring It
If you don’t need it don’t bring it. Done. This is not only a mantra for minimalist travel, but also good security practice. If you don’t need to have client documents with you, don’t. These types of documents should be routinely wiped from your devices.
2. Backup Everything
I operate under the assumption that at any time, I may have my phone or laptop stolen or that it might get broken. Hard drives will fail and even though you’ve dropped your phone numerous times without anything bad happening, there’s always that one time. Regular travel is not just hard on people, it’s also hard on computers. Backup everything.
Phone – Every time I plug it in to my computer it performs an encrypted local backup protected by a randomly generated passphrase. I backup my laptop and desktop locally using Time Machine to an external storage in case of a hard disk failure or a system update goes awry.
Laptop – When traveling for work, I create a Time Machine backup on an external drive that I bring with me. I’ve only used it it once while at a client location, but it saved the day when my laptop wouldn’t boot.
3. Encrypt Everything
Ensure that your phone is protected with a strong passphrase. Not a pin, fingerprint lock, or Face ID. If you need help setting up a passcode, instructions can be found here for iPhone.
Encrypt your laptops. Using full disk encryption is a definite, as if someone steals your laptop, they will be unable to just remove the hard drive and pull data off of it. Instructions for enabling this using Apple’s FileVault can be found here.
4. Bring Printouts and Photocopies
Bring a quality color copy of your passport. Embassies may have an easier time dealing with a color copy. You should also keep a copy in each bag that you are bringing (i.e. your backpack, and each piece of checked baggage).
I would also recommend bringing printouts of any hotel information or other travel documents that might be handy. When traveling to non-english speaking areas, its also useful to keep this information on hand to show drivers where the address is to ease any communication issues.
Add to this any important numbers along with an emergency contact just in case something happens to you.
This may sound like overkill, but if you need them, having these printouts on hand can turn what might be a vacation ruining event into a minor problem.
5. Use VPNs
I recommend keeping your phone in airplane mode when not in use. However, when you do need to connect to a wireless network make sure the network requires a password to join and use a VPN. I’m currently using Private Internet Access for a VPN provider and have been for a couple of years now without any issue. I use a VPN on my laptop as well as my phone.
6. Credit Cards and ATMs
Be very cautious using ATMs. Credit card skimming is a major source of financial loss these days and skimmers are more sophisticated and harder to spot than ever before. If possible, only use ATMs in secure areas, such as inside banks to limit your risk and also try and use only credit cards that have travel protection. Do your best to only run transactions as credit so you are not entering your pin into a sketchy card machine at that corner convenience store.
Don’t forget to call your credit card companies to let them know you are traveling.
7. Disable Services
For both my laptop and phone, I disable Bluetooth, AirPlay, and disable wireless unless I need to use it. In most cases, I also keep my phone in Airplane mode.
It’s also a good idea to clear your devices of any previously joined Wireless networks to prevent your phone or laptop from trying to automatically join these.
8. Security Enhanced Accessories
I am a fan of minimalist travel and haven’t checked a bag in years. If possible try to limit to one backpack or one carry on.
Credit Cards – I keep all of these in a RFID blocking wallet when not in use along with my passport. For my credit cards I am currently using the Ridge Wallet and for my passport I’ve been using one I picked up from Target.
Clothes – I prefer to travel with clothes that have extra security features, like hidden pockets. This can add a bit of extra security against pickpockets, but I like that, for the most part, I don’t have to worry about items falling out of my pockets on the plane, taxi, or train. Two of my favorite companies in this area are Rohan and Bluffworks. I am almost always wearing a piece of Bluffworks clothing.
Backpacks – I currently use a Brainbag from Tom Bihn, but I’ve heard great things about the PacSafe backpacks. These bags are built with steel threading and RFID protection. I’m planning on picking up one of their 25L bags soon.
9. Be Vigilant
Heavily trafficked areas are prime spots for thieves. It’s not always in a dark alley or in bad parts of town. Pickpockets love crowded places.
Keep your bag in front of you when standing on a train or bus. It’s also helpful to have chest or waist straps on, as it can make it more difficult for someone to take your bag and run. Criminals will go after easy targets. Don’t be one of them. Phones are easy targets as they are much easier to convert to cash than other items you will probably have on you. They are also incredibly easy for thieves to steal.
Getting robbed happens to experienced travelers too. It’s not always a mugging. Thieves can easily cut through most backpacks.
10. Don’t Use Public Charging Spots
USB cables provide power as well as data. When you plug your phone into a USB port to charge, it is possible that someone may be able to access information from your phone if they have tampered with the USB charging station. I would recommend only charging from a power outlet, using a portable charger, or a device like the SyncStop.
Be wary of using internet cafes and other places that provide free wifi, charging services, or public computers.
One last thing, don’t forget to check the state department website for travel warnings and other country specific travel information.
