Executive Digital Security for International Travel


Protecting corporate devices and data during international travel. Covers device preparation, communication security, and data handling in high-surveillance jurisdictions.

Marcus Webb, Security Operations Adviser. 5 December 2025.

International travel creates specific digital security risks that do not apply in the controlled office environment. Devices cross borders where state actors may have legal or practical ability to access them. Unsecured networks create eavesdropping opportunities. Hotel rooms in high-surveillance jurisdictions may be physically accessed. The combination creates a threat environment that requires specific preparation.

Pre-Travel Device Preparation

Clean device principle. For travel to high-surveillance jurisdictions (China, Russia, certain Gulf states), travel with a clean device: a device configured specifically for the trip containing only what is needed, without access to full corporate email, sensitive documents, or critical system credentials. The clean device is rebuilt from scratch on return.

Full-disk encryption. All travel devices should have full-disk encryption enabled. Devices should be fully shut down (not locked or sleeping) at border crossings, so that the encryption keys are cleared from memory and the disk is protected at rest.

MFA and strong authentication. Ensure all accounts require multi-factor authentication. Travel creates heightened risk of credential theft: MFA ensures that a stolen password alone is not sufficient to compromise accounts.

VPN installation and testing. A reliable, enterprise-grade VPN should be installed and tested before travel. Note: VPNs are illegal or technically blocked in some jurisdictions (China has blocked many commercial VPNs). Know the legal and technical status of your VPN in your destination before travel.

Sensitive data review. Remove sensitive data from travel devices where it is not needed for the trip. Cloud access to sensitive documents (rather than local storage) reduces what is exposed if a device is compromised.

In-Country Digital Security

Treat hotel WiFi as untrusted. Use VPN for all corporate communications on hotel networks. Prefer cellular data for sensitive communications.

Physical device security. Do not leave devices unattended in hotel rooms. Use the hotel safe for devices when not in use (accepting that it is not impenetrable). In high-surveillance environments, assume room access by hotel staff is possible.

Communications hygiene. Use encrypted messaging (Signal or equivalent) for sensitive communications. Assume that communications over standard SMS and voice in high-surveillance jurisdictions may be monitored.

Meeting room security. In high-risk environments, sensitive conversations should not take place in hotels, government-affiliated buildings, or locations where audio monitoring is possible. Consider outdoor or verified secure venues for sensitive discussions.

Return Protocol

Device inspection. On return from high-risk jurisdictions, devices should be inspected by IT security. For high-value executives, a return protocol that includes device replacement may be appropriate.

Account review. Check for unexpected account access or password change requests that occurred during the travel period.

Debrief. Any unusual incidents (requests for device access at borders, unexpected contacts, suspicious IT activity) should be reported to the security function on return.
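The account review step above can be run as a scripted check over exported sign-in and audit events. The following is an added example, not part of the original article: the event fields, event type names, device names and the sample events are constructed assumptions, and it also flags use of the trip device after the return date, since that device is meant to be rebuilt.

```python
from datetime import datetime

# Event types that change how an account authenticates (assumed names).
CREDENTIAL_EVENTS = {"password_reset_request", "password_change", "mfa_method_added"}

# Constructed sample events: (timestamp, user, type, country, device).
EVENTS = [
    ("2025-10-20T09:00:00+00:00", "exec@example.com", "signin", "GB", "corp-laptop-77"),
    ("2025-11-03T08:12:00+00:00", "exec@example.com", "signin", "GB", "travel-laptop-01"),
    ("2025-11-04T02:40:00+00:00", "exec@example.com", "signin", "GB", "corp-laptop-77"),
    ("2025-11-05T13:05:00+00:00", "exec@example.com", "password_reset_request", None, None),
    ("2025-11-06T09:30:00+00:00", "exec@example.com", "signin", "BR", "travel-laptop-01"),
    ("2025-11-06T10:00:00+00:00", "other@example.com", "signin", "BR", "unknown"),
    ("2025-11-12T10:00:00+00:00", "exec@example.com", "signin", "GB", "travel-laptop-01"),
]

def review_travel_period(events, user, depart, ret, expected_countries, trip_devices):
    """Return sorted (timestamp, reason) findings for one traveller's account."""
    start, end = datetime.fromisoformat(depart), datetime.fromisoformat(ret)
    findings = []
    for ts_raw, ev_user, ev_type, country, device in events:
        ts = datetime.fromisoformat(ts_raw)
        if ev_user != user or ts < start:
            continue  # other accounts and pre-trip activity are out of scope
        if ts > end:
            # The trip device is rebuilt on return, so later use of its ID is suspect.
            if device in trip_devices:
                findings.append((ts_raw, "trip device used after return"))
            continue
        if ev_type in CREDENTIAL_EVENTS:
            findings.append((ts_raw, f"credential event: {ev_type}"))
        elif ev_type == "signin":
            if country not in expected_countries:
                findings.append((ts_raw, f"unexpected country: {country}"))
            if device not in trip_devices:
                # The everyday corporate device should be dormant during the trip.
                findings.append((ts_raw, f"unexpected device: {device}"))
    return sorted(findings)

if __name__ == "__main__":
    for ts, reason in review_travel_period(
            EVENTS, "exec@example.com",
            "2025-11-02T00:00:00+00:00", "2025-11-08T23:59:59+00:00",
            expected_countries={"CN", "GB"},  # destination plus VPN egress (assumed)
            trip_devices={"travel-laptop-01"}):
        print(ts, reason)
```

Each finding is a prompt for follow-up with the traveller during the debrief, not proof of compromise.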


Frequently Asked Questions

The professional guidance is to travel with clean devices: devices that contain only what is needed for the trip, without access to full corporate networks or sensitive documents. This limits the exposure if a device is physically compromised (access by customs or hotel staff) or if it is connected to a compromised network. Clean devices should be wiped and rebuilt on return. Most large corporates with significant China or Russia operations have device loan programmes for exactly this purpose.

Hotel WiFi is an untrusted network. Traffic on hotel WiFi can be observed by the hotel, by anyone on the same network, and in high-surveillance jurisdictions, by state intelligence services. For sensitive communications, use a VPN consistently. For highly sensitive communications (M&A, strategy, legal matters), use cellular data rather than WiFi. Never access sensitive systems on hotel WiFi without VPN.

A border crossing protocol governs what happens to devices at international borders. Some authorities (in China, Russia and the Gulf states, as well as US Customs and Border Protection) can compel device access at border crossings. A border crossing protocol typically involves: ensuring devices are powered down before the border crossing (so that full-disk encryption protects the data at rest), using travel devices with minimal data, having legal guidance on the traveller's rights at the specific border, and having IT ready to remotely wipe a device if it is confiscated.

A clean-device protocol means travelling with a dedicated phone and laptop that hold no sensitive data, accessing only what is needed remotely, and wiping or retiring the devices afterwards. It is justified for travel to high-surveillance jurisdictions or where a principal handles commercially sensitive material. For routine low-risk travel it is usually unnecessary.

Some jurisdictions assert broad powers to inspect or copy devices at the border. The practical measures are to minimise data carried, use full-disk encryption, log out of sensitive accounts, and avoid storing privileged material locally. Knowing the specific destination’s posture in advance shapes how cautious to be.