Have Cloud Data, will (can) Travel
Last month Israeli security forces imposed their right to examine your email at their border crossings; the initial panic was calmed by a clarification from the Israeli Attorney-General stating the specific circumstances for the search. Previously, in 2009, the United States imposed a right to search your electronic devices, and keep them for further examination, at border crossings too—without any suspicions of wrongdoing. Are these signs that our local data is no longer private when we travel?
State sponsored search of your devices, and data, now becomes the latest privacy worry for any international travellers; we’ve always been worried about malicious attempts to gain access to our data, or having our laptops stolen from airport security screening points, but now the case for travelling completely clean is made.
Many technology travellers I talk to have always maintained a set of clean equipment, which is only used on trips outside their native country. Before and after every trip their laptop, smartphone, and tablet get factory wiped and restored from a known good image. This is especially important when returning from a trip to ensure the platforms remain clean – those devices are also replaced more frequently than home devices, and are occasionally stripped to check for “extra hardware”.
If you’re wondering how you manage to work in such a sterile environment – have a think about how the cloud supports your remote working now. Keeping your data on your local hard drive isn’t the necessity it once was; it seems quite antiquated to me.
Cloud services that allow you to store your data online mean you’re only ever a click away from that data, and given the ubiquity of Internet access these days, that’s never a problem. Of course data stored in the Cloud isn't beyond the reach of search warrant of subpoena, but at least it's not local on your device being carried through a border crossing.
Email inboxes should remain empty until you’re safely through a border crossing, and on a known and trusted network. Once you’ve downloaded your recent email remember to remove the account and wipe the device before you leave the country too; there’s no sense taking the precaution for inbound border crossing and forgetting about the outbound.
The same applies to file data, leave your files in the cloud and only access them when it’s safe. Don’t store anything locally unless you can securely wipe the hard drive after use.
From an enterprise IT perspective; CISOs and CIOs should educate their users on how to handle such incidents, and of course draw up a policy for international travellers. It does occur to me that your IT department can help, by disabling your access to 'their' services on your devices until you give them the go ahead once safely at your destination. Deleting your stored passwords on devices would also prevent the access of data not stored locally.
For travellers the Cloud should now be as essential as your flight socks and money belt. As someone before me once said – “Don’t leave home without it”.