This year has been a pretty busy international travel year for me and with all the extra security precautions being taken at international borders these day you can't be too careful when it comes to protecting your data while traveling. So what should you be doing to protect yourself and your data when traveling out of your home country?
It really boils down to two simple things, minimize the data you carry with you on your devices and protect/encrypt the data you transmit. Protecting data transmission is pretty straight forward and so are the reasons for doing so, but minimizing the data on your devices is a little less straight forward. After all, if your device is encrypted then why does it matter? It matters because if the nice man or woman in customs at the border demands that you unlock your device then you have two choices...be detained indefinitely or unlock your device. Whole disk/device encryption doesn't protect you in this case. The only thing that does is to not have the data on your device in the first place.
Protect Your Data Transmissions
The easiest way to get information from someone is to just pluck it out of thin air and with proiliferation of cellular and wireless connectivity the amount of sensitive information floating through the air at any given time is astonishing. If you are on trusted wireless networks like at home or at work its one thing, but when you are in another country you can't trust any of them. So the best way to go is to encrypt everthyhing and this done by using a VPN service. And not just any VPN service, you have to use a service you can trust. If its a free service then its most likely a service you can't trust. There are a ton of VPN services out there but the best one I have found is Cloak.
The reason I like Cloak is that it is automatic. You don't have to remember to switch it on, it is activated automatically when ever you are connected to a network you have NOT already identified as a "trusted" network. This is critical because it means you don't have to think about it. Just install the app and you are protected. All of the data you are transmitting and receiving on "untrusted" networks is encrypted between your device and the Cloak VPN server. After that the data is traveling just like it would otherwise (either unsecured or secured via an https connection). So that means you have to trust the folks at Cloak because your data is getting unencrypted on their end. Cloak has some really great options for just buying small amounts of their service that are great for getting just while you are traveling. I had two international trips and for just one single In-App-Purchase of $9.99 I had unlimited data to cover me for 30-days (which covered both of my trips).
Don't Carry Sensitive Data With You
Encrypting your data can only protect you if someone can't force you to unencrypted it. When passing through international borders these days you can't assume that won't happen. So the best approach is to just not carry the data with you or to have the data accessible but not directly on your device. Below are a couple of examples of where I took data off of my devices for international travel.
I use 1Password to store all of my passwords and sensitive information. One of the things that security experts like so much about 1Password is that up until recently 1Password focused on local storage for your passwords. But then 1Password came out with a new subscription service. Security experts didn't like it because it was cloud-based and some consumers didn't like it because now you had to pay a monthly or yearly subscription for your service. But what people failed to realize is that now that 1Password was cloud-based you could simply "turn off" the data on your local devices as a way to protect the data (for example when you cross an international border) and then turn it back on once you crossed. That is exactly what 1Password's new "Travel Mode" does. Once you login into your 1Password online account and enable "travel mode" all of the vaults in your account that are not marked as "safe for travel" are removed from all of your local devices (phones, tablets and computers). So what I do is I create a new vault in my account called "travel" and copy only the select few passwords and documents I know I will need for traveling. All my other data is taken off all my devices. Then once I arrive in the country I am traveling too I login to my 1Password online account and disable travel mode. Now I have all of my data back on my devices. Then before I leave I re-enable travel mode and do it all over again. That way if a border agent asks me to unlock my phone it won't have all of my sensitive data and passwords, just a few.
Another app I rely on is DEVONthink. I used it to store all of my bills, envoices and receipts. This is great, except I really don't want all of this information turned over to a border agent. I use the Dropbox sync method of syncing my DEVONthink data across all of my devices. So before I travel all I had to do was disable the sync on the DEVONthink databases that I was worried about (my "Bills" database) and then delete the database from my mobile devices. I really don't need access to bills and receipts while I'm on foreign travel so it was best to just temporarily remove it from my devices.
There are probably other app and services out there that are similar to the examples I talk about above (1Password and DEVONthink) where you can remove local data and retain a cloud-based access. If you pair that strategy with the strategy of then removing even the passwords to these services from your device (at least until you are through the border) then you can re-enable your 1Password access and re-connect to the web-based versions of these services while you are abroad.
Hopefully this helped some of you. It may seem like overkill but it really wasn't that hard to do what describe above and it sure made me a lot more comfortable when traveling overseas.