Travel Security Protocol

Travel removes you from a controlled environment and places you in a series of unfamiliar, high-traffic situations where your devices, documents, and conversations are all more exposed than at home or in the office. This protocol defines the preparation, behaviours, and post-travel procedures required to manage that expanded attack surface.

Protocol: OPSE-003
Classification: Open
Compliance: Sentinels and above (required); Knights (strongly advised)

Requirements

  1. Devices taken to any destination with elevated surveillance risk — defined as any country with documented state-level interception of business traveller devices, or any environment assessed as high-risk — must either be travel-specific devices with no access to primary accounts and sensitive data, or must be treated as potentially compromised and reviewed upon return.
  2. Full-disk encryption must be verified as active on all devices before departure. Devices must be powered down — not merely locked or sleeping — when crossing borders; encryption protects a powered-down device, not a sleeping one with memory still accessible.
  3. Public wifi networks must not be used for any purpose during travel without an active VPN. Hotel networks, airport lounges, conference venues, and café networks are untrusted by default, regardless of whether they require a password. Mobile data via a local or roaming SIM is preferable to any shared network for sensitive activity.
  4. Physical documents — passports, boarding passes, hotel confirmations, and any document containing personal or financial information — must be kept on your person or stored in a locked bag in your direct possession. They must not be left visible on desks, restaurant tables, or in unattended bags.
  5. Device charging via USB connections in public — airports, hotels, aircraft seat-back ports — is prohibited. Charging via AC outlets with your own charger is required. Where USB charging is unavoidable, a USB data-blocker must be used.
  6. Hotel room safes must not be treated as secure storage for devices or sensitive documents. They provide a low deterrent and no meaningful security. Sensitive items must remain on your person or in a locked bag under your direct control.
  7. After returning from any travel where elevated risk was present, passwords for all accounts accessed during travel must be rotated, and devices used must be reviewed for anomalies before being reconnected to trusted networks or used for sensitive activity.

Why Travel Changes Your Risk Profile

At home and in a controlled office environment, you have reasonable certainty about who can access your physical space, what network you are on, and who can observe your screen or conversations. Travel removes all of those certainties simultaneously. You are in unknown physical spaces, on networks you did not configure, surrounded by people you do not know, carrying devices that may pass through inspection at borders.

The additional risk is not hypothetical. Corporate espionage targeting business travellers in high-value sectors is documented and ongoing in several jurisdictions. Border agencies in a growing number of countries have legal authority to compel device access. Hotel networks have been used as access vectors in documented attacks. The security posture appropriate for your home office is insufficient for the environments you pass through when travelling.

The question to ask before any trip is: if every device I carry were fully examined, and every network I connect to were monitored, what would be accessible? The answer to that question defines your preparation requirements.

Device Preparation

The degree of device preparation required scales with the risk profile of the destination and the sensitivity of the work being conducted. At minimum, all devices should have full-disk encryption active and verified, and should be powered down rather than sleeping when transiting through border controls — some jurisdictions have both legal authority and technical capability to access a sleeping device that they do not have for a fully powered-down encrypted one.

For travel to high-risk destinations, the use of a dedicated travel device is the appropriate approach. This device is configured with no access to primary accounts, no stored credentials beyond what is needed for the trip, and no sensitive data. It is treated as potentially compromised for the duration of the trip. On return, it is wiped and reset before next use. The additional cost and inconvenience of a travel device is proportionate to the value of what it is protecting.
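One way to verify before departure that encryption actually covers every mounted volume, shown as an added example that is not part of the protocol itself. It assumes a Linux device using dm-crypt/LUKS and the JSON output of `lsblk`; the sample output and the `ALLOWED_PLAINTEXT` list are constructed for illustration.

```python
import json
import subprocess

# Constructed sample of `lsblk --json -o NAME,TYPE,MOUNTPOINT` output, not taken
# from a real machine: / and /home sit on LUKS, /boot and swap are plain partitions.
SAMPLE_LSBLK = """
{"blockdevices": [
  {"name": "nvme0n1", "type": "disk", "mountpoint": null, "children": [
    {"name": "nvme0n1p1", "type": "part", "mountpoint": "/boot"},
    {"name": "nvme0n1p2", "type": "part", "mountpoint": "[SWAP]"},
    {"name": "nvme0n1p3", "type": "part", "mountpoint": null, "children": [
      {"name": "cryptroot", "type": "crypt", "mountpoint": null, "children": [
        {"name": "vg-root", "type": "lvm", "mountpoint": "/"},
        {"name": "vg-home", "type": "lvm", "mountpoint": "/home"}]}]}]}
]}
"""

# Assumption: boot partitions hold no user data and may stay unencrypted.
ALLOWED_PLAINTEXT = {"/boot", "/boot/efi"}


def unencrypted_mounts(lsblk_json, allowed=ALLOWED_PLAINTEXT):
    """Return the sorted mount points that have no dm-crypt layer beneath them."""
    findings = []

    def walk(node, under_crypt):
        # A node is covered if it, or any ancestor, is a dm-crypt mapping.
        under_crypt = under_crypt or node.get("type") == "crypt"
        mount = node.get("mountpoint")
        if mount and not under_crypt and mount not in allowed:
            findings.append(mount)
        for child in node.get("children") or []:
            walk(child, under_crypt)

    for device in json.loads(lsblk_json)["blockdevices"]:
        walk(device, False)
    return sorted(findings)


def check_local_machine():
    """Run the same check on this machine (requires Linux with util-linux lsblk)."""
    result = subprocess.run(["lsblk", "--json", "-o", "NAME,TYPE,MOUNTPOINT"],
                            capture_output=True, text=True, check=True)
    return unencrypted_mounts(result.stdout)


if __name__ == "__main__":
    print("Unencrypted mounts in sample:", unencrypted_mounts(SAMPLE_LSBLK))
```

The sample flags the swap partition: memory paged or hibernated to plaintext swap is written to disk unencrypted, so a device can pass a casual "root is encrypted" check and still leak memory contents at rest.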

Networks and Charging

Hotel wifi is the most commonly used and most frequently compromised network in business travel. The risk is not only from the network operator — it is from other devices on the same network, from rogue access points with matching SSIDs, and from passive monitoring of unencrypted traffic. A VPN eliminates most of these risks for traffic that passes through it; it does not eliminate risk from malware already on the device or from DNS leaks outside the tunnel.

USB charging infrastructure in airports and hotels has been used to deliver malware to connected devices — a technique known as juice jacking. The risk is present wherever USB charging is available publicly. An AC charger and a USB data-blocker are inexpensive and reliable mitigations. The habit of never using public USB ports for charging is equally reliable and costs nothing.

Post-Travel Procedures

The period immediately after returning from travel is operationally significant. Any device that may have been compromised during the trip represents a risk to every network and system it connects to. The post-travel procedure exists to contain that risk before it propagates.

Password rotation for accounts accessed during travel is straightforward and takes minutes. Device review for anomalies — unexpected running processes, new installed profiles, changed settings — takes longer but is a reasonable precaution after travel to any destination where the risk was meaningful. The threshold for this level of review is a judgement call; the requirement is that the judgement is made consciously, not avoided.

A device that was physically out of your control — even briefly — at a border crossing, in a hotel room, or during a security screening must be treated as potentially compromised until you have reason to believe otherwise. The cost of that assumption is low. The cost of the alternative, if the assumption was wrong, may not be.
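The anomaly review described above is far easier against a baseline recorded before departure. The following is an added example, not part of the protocol: it records hashes of files where persistence or trust changes tend to appear and diffs them on return. The `WATCHED` list is a hypothetical starting point for a Linux laptop, and all function names are illustrative.

```python
import hashlib
import json
import os

# Hypothetical watch list for a Linux laptop (an assumption, adjust per platform):
# places where persistence or trust changes usually show up.
WATCHED = ["/etc/systemd/system", "/etc/cron.d", "/usr/local/share/ca-certificates",
           os.path.expanduser("~/.ssh/authorized_keys"),
           os.path.expanduser("~/.config/autostart")]


def snapshot(paths):
    """Map each file under the given files/directories to a SHA-256 (or link target)."""
    result = {}
    for root in paths:
        if os.path.isdir(root):
            files = [os.path.join(d, f) for d, _, names in os.walk(root) for f in names]
        else:
            files = [root] if os.path.lexists(root) else []
        for path in files:
            try:
                if os.path.islink(path):
                    result[path] = "symlink:" + os.readlink(path)
                elif os.path.isfile(path):
                    with open(path, "rb") as fh:
                        result[path] = hashlib.sha256(fh.read()).hexdigest()
            except OSError:
                result[path] = "unreadable"
    return result


def compare(before, after):
    """Return the paths added, removed or changed between two snapshots."""
    return {
        "added": sorted(set(after) - set(before)),
        "removed": sorted(set(before) - set(after)),
        "changed": sorted(p for p in set(before) & set(after) if before[p] != after[p]),
    }


def save_baseline(paths, out_file):
    """Write the pre-departure snapshot; keep this file off the travelling device."""
    with open(out_file, "w") as fh:
        json.dump(snapshot(paths), fh, indent=1, sort_keys=True)


def review_against(baseline_file, paths):
    """Post-return step: diff the current state against the stored baseline."""
    with open(baseline_file) as fh:
        return compare(json.load(fh), snapshot(paths))
```

Store the baseline somewhere the travelling device cannot modify it, and run the comparison before the device rejoins a trusted network; a baseline kept on the device itself proves nothing if the device was tampered with.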