Before you head to the airport for your next business trip or holiday, ensuring your technology is prepared is just as important as packing your passport.
Business travel creates a unique set of IT risks. Public Wi-Fi, unfamiliar charging points, the heightened probability of device theft, and the reduced ability to get IT support quickly all combine to make travelling one of the riskier periods for business data security.
These eight checks take less than 30 minutes total and can prevent days of recovery effort.
1. Enable Full-Disk Encryption
If your laptop is stolen at an airport, encryption is the difference between a costly inconvenience and a notifiable data breach. On Windows, this means confirming BitLocker is enabled. On Mac, it means FileVault is on.
How to check on Windows: Settings → Privacy & Security → Device Encryption (or search “BitLocker” in the Start menu).
How to check on Mac: System Settings → Privacy & Security → FileVault.
If encryption is not enabled, turn it on before you travel. It runs in the background and does not affect normal usage once activated.
2. Back Up Your Laptop Before You Leave
The two most common causes of data loss during travel are device theft and accidental damage (drops, spills, checked baggage). A backup taken the day before departure ensures you can recover quickly regardless of what happens to the hardware.
If your organisation uses Microsoft 365 with OneDrive sync enabled, your documents are already backed up to the cloud. Confirm sync is complete before you leave — the OneDrive icon in the system tray should show a green tick, not a spinning sync icon.
3. Update Your Operating System and Applications
Cybercriminals actively target unpatched vulnerabilities. Travelling with a device that has outstanding Windows or macOS updates means travelling with known, unpatched security holes.
Run Windows Update or macOS Software Update before you leave. Do the same for your browsers, VPN client, and any other applications you regularly use.
4. Enable and Test Your VPN
A VPN encrypts your internet traffic on public networks. Hotel Wi-Fi, airport Wi-Fi, and café networks are all unencrypted by default — your data can be intercepted by anyone on the same network.
Before you travel, confirm your VPN client is installed, your credentials work, and you know how to connect. Test it at home before you need it in a hotel lobby.
If your organisation does not have a business VPN, speak to your IT provider before your next trip.
5. Set Up Remote Wipe Capability
If your device is stolen, the ability to remotely wipe it prevents your data from being accessed. For Windows devices enrolled in Microsoft Intune, your IT administrator can wipe the device remotely. For personal devices, Windows 10/11 has a built-in “Find My Device” feature with remote wipe capability.
On iPhone and Android, ensure Find My (iPhone) or Find My Device (Android) is enabled, and that your accounts are linked to a device you will have with you (e.g. your phone can wipe your laptop).
6. Enable Multi-Factor Authentication on Critical Accounts
If your credentials are stolen while travelling — through phishing, a compromised network, or physical observation — MFA is the last line of defence preventing account takeover.
Before you travel, confirm MFA is enabled on your email, Microsoft 365, banking, and VPN accounts. If you use an authenticator app, ensure it is installed on your phone and synced.
Also: download offline backup codes for any accounts that offer them. If you lose your phone, you will need these to recover access.
7. Note Your IT Support Contact Details Offline
When something goes wrong at 6am in a hotel room in Singapore, you need your IT support number without relying on a device that may be locked or stolen. Write down or screenshot (to a cloud photo library you can access from any device):
- Your IT helpdesk number
- Your Microsoft 365 account reset process
- Emergency contact for your IT manager
8. Know the Risks of Public USB Charging Points
Juice jacking — where malicious charging stations inject malware through USB connections — is a real, documented attack vector. Public USB charging points at airports, hotels, and conference venues should be treated with caution.
Best practice: Travel with your own USB wall adapter and charge from mains power rather than USB charging stations. Alternatively, use a USB data blocker (sometimes called a “USB condom”) which allows charging but blocks data transfer. These cost a few dollars and are worth having in your travel kit.
Travel Prepared
These eight checks are not time-consuming, but most business travellers skip them. The five minutes you spend confirming BitLocker is on and your VPN works before you leave could save hours of incident response on the other side of the world.
If your organisation does not have documented travel security procedures, CX IT Services can help you put them in place. Contact us to discuss your mobile security posture.
