Update: This post was originally published on March 8th, 2019 and a lot of things have changed over the last 2-3 years. Lots of things. However, ironically, I’m headed off to SQL Bits again for their 2022 Conference and thought it’d be a good time to update this list of how to travel securely.
Traveling in today’s age of technology is a lot easier than in the past. You can start your journey in the morning of one country and be half way across the world by nights end. When traveling, data security is usually always at the forefront of my mind. I recently traveled to a conference. While this isn’t all that usual (I travel about once a month on average) this time it was different. I was traveling internationally to England to speak at SQL Bits. It was a glorious conference and I was really excited to go, however while preparing to travel, I made sure to review my security measures so that I could enjoy my trip and not be worried.
Full Disk Encryption
John: Proper disk encryption is still very high on my list of things to ensure I have before traveling. In this case, because I’m presenting, I’m traveling with two laptops and both have the appropriate disk encryption already in place. This is one thing you definitely don’t want to leave home with out. Read on if you aren’t using disk encryption!
If your laptop (or laptops in my case) don’t already have hard drive encryption enabled, you are doing it wrong. As a user of both Windows and Apple hardware, enabling this security feature is painless and just easy to do. Hard drive encryption happens behind the scenes and should not cause any type of performance hit when it is enabled.
FileVault for Apple – FileVault is the way to go if you are Mac user. It’s built into the operating system and does not have any restrictions (that I know of) in terms of versions. If you have been using your laptop for a bit without this enabled, when you do enable it, it may take some time to get everything encrypted appropriately. I had been using my laptop for years without encryption enabled so when I made the switch, I did so over a weekend where I could let it sit. However, you can enable it and continue to work just keep in mind that it might be slower as it’s encrypting all the bits.
Bitlocker for Windows – Bitlocker is the way to go if you are in the Windows eco-system. It’s easy to enable and does not introduce any type of performance overhead. My Surface (provided to me by my employer) already came encrypted. Bitlocker, unfortunately, is not available for the Windows Home version, however you pay $99 to upgrade your operating system to Windows Pro which would then come with Bitlocker. In my opinion, having that full disk encryption is worth every penny of $99 however if that is above your price point there are other alternatives on the market such as VeraCrypt. Make sure that you research those alternatives closely and understand the process on how to encrypt/decrypt your hard drive. If done wrong, the data that you could loose could be yours.
In short, having the peace of mind knowing that if my laptop is stolen, most likely nobody is going to be able to retrieve any sensitive information that I might have on the laptop. Even when traveling domestically, just enabled it and have that peace of mind.
You’ll thank me later.
This is an add-on to the original post.
Even during the pandemic, before traveling in any way shape or form, a few days prior I make sure that the laptops that are going with me have a good backup in place. I usually have a 1 to 1 rule in that I backup locally to a network storage device within my physical residence and then a secondary off-site backup. I like using Backblaze for my Mac laptop as my off-site backup and I was Time Capsule locally. For the Windows side, I use Synology’s Active Backup to ensure I’ve got a local copy.
In line with that, while it’s not “backups” per say, I also utilize various cloud synchronizing providers like Dropbox, OneDrive, or Google to ensure I’ve got an off-site, easily accessible copies of my documents. These cloud services are well encrypted however anything that I deem as sensitive gets additional layers of encryption on top.
Yes, I’m that paranoid IT Guy.
John: Still absolutely one of the best recommendations I can provide. Highly recommend a password maanger for not only traveling but for your day to day activities. Use strong complex passwords whenever you can.
Password Managers such as 1Password, LastPass, or KeePass should be a part of your daily routine. If you are continuing to utilize the same password for all of your accounts (both online & offline) you are begging for a hacker to break in. Once they have been able to brute force your password, your kingdom is now theirs. I personally use 1Password (and have for years) simply because they offer up several features that I really like.
One of these features is the Travel Mode. Travel Mode is pretty simple in that it removes any password vault marked as “not safe for travel” from your devices. It does not hide them or mask them, it removes them completely. Once you reach your destination, you can simple turn off Travel Mode and the vaults will then be sync’d once again. This really helps to ensure that any unwarranted search of your device will not find any passwords which could be then used against you. You can mark certain vaults as “safe for travel” and those will not be removed from your devices.
If you are traveling to a country where unwarranted searches of your device might happen, this is a great way to elevate those concerns.
Note: Microsoft MVP & Security Expert Troy Hunt uses 1Password so take that into consideration.
2nd Note: 1Password offers up the ability to identify if any of your passwords have been exposed through a service Troy provides, HaveIBeenPwned.
Multi-factor Authentication (New!)
This is also an add-on.
Recently, as the events unfolded with the events with Ukraine and there was an uptick in the amount of cybersecurity awareness, it made me think about my own personal accounts and whether or not I had appropriate authentication enabled. Appropriate authentication includes a strong complex password (see Password Manager above) as well as some type of multi-factor authentication. In previous years getting a code texted to you via your cell phone was acceptable, however, in 2022 I much prefer the use of an Authenticator application. Google and Microsoft (and others) both offer up an authentication application that you can register with your provider. This means that in order to verify who you are, you need your account information (login and password)
Double check all of your important accounts (any account that has personal information tied to it like finances, health, kids, etc) to ensure that some type of multi-factor authentication is configured. Doing so will help to ensure your data is kept safe and sound.
John: Only one addition there. I treat my passport and any identification while traveling just like I would my bank accounts. Protect them as best as possible. If you are from the United States, get a Passport card with your Passport. Keep them separated but secured as either can serve as valid identification to American Embassy’s.
I consider my passport as sensitive information thus I want to protect it as best as possible whenever I travel. In addition to my US Driver’s license, I also travel with my passport so that I have a secondary method to authenticate my identity. The United States passport (as well as many other countries) has an RFID chip built into the cover. This means that someone with a RFID scanner and who is near my passport could scan it. While the amount of information contained on the chip is most likely limited, I don’t like to give anybody any type of personal information unless I absolutely must. Especially if I don’t even know that it’s happening
One way to protect your passport against RFID scanning is to purchase a sleeve for it. These are inexpensive sleeve’s which your passport would slide into and be shielded from a RFID scanner. They are easy to use and gives me peace of mind when I travel.
Another consideration when it comes to your passport, is have a secondary copy available somewhere, preferably off site. In my case, I use a cloud provider (like Dropbox, OneDrive, Google, etc) with an encrypted copy of my passport in which certain family members have access to. If my passport is stolen or mis-placed, I can either access it directly from my Cloud provider or I can contact a family member to get me a copy of my passport. While this copy will not be enough to gain access to air travel or cross borders, it would at least give the local US Embassy information that can be used to authenticate who I am.
John: No real change here either. Virtual Private Networks can help ensure that your communication remains private even when visiting a foreign country. Thankfully I have two options for VPN access, my personal VPN solution that I built or the company one provided to me from work. Both are excellent options.
Whenever I am away from my home network, data security concerns are always present. I work with a number of clients and I always want to ensure that I am protecting their data as well as mine as best as possible. Therefore, when I am traveling anywhere and I need to access the internet, I use a VPN service. In my case, I use my own VPN server that I stood up in Azure. Having a VPN service available makes sure that all of my internet traffic is encrypted and secured away from any prying eyes. Depending on where you are traveling too, you might look at various 3rd party VPN services to ensure that they have a VPN endpoint as close to your destination as possible. In my case, my VPN server is located in the East US region in Azure and even across the Atlantic Ocean the speed was sufficient for what I needed.
My VPN solution also allowed me to use a VPN connection on my phone. I have a newer iPhone but with OpenVPN I was able to get a secure connection when utilizing the hotel Wifi.
It is really exciting to be able to travel, especially when that travel takes you across borders and around the world. These simple items I’ve listed above will help to secure your data. Unauthorized access to your data can really ruin your travel plans, so take a few moments to go over them as well as anything else that might be critical for you. Remember, the data that you might save could be your own!
If you are a frequent traveler, what do you do to secure your data? Has your stance on security, even just in general, changed with the changing times of the world we live in? I’d love to know so that I can be more secure!
Happy Traveling and stay safe out there.
© 2022, John Morehouse. All rights reserved.The post Secure Travel first appeared on John Morehouse.