VIP Pre-Travel ChecklistWhen traveling away from home, a bit of preparation can help you mitigate potential disasters, be they accidental or man-made.
This brief checklist will cover common information and communications back-ups and help you roll with the unexpected.
1. Establish a Trusted Counter-PartyThis is typically a spouse, best friend, or co-worker back home, who will respond reliably in the event of an accident or other emergency. You can have multiple but require at least one.
Note: Be sure to confirm their willingness and availability before a trip
2. Establish Shared Password and Emergency PhrasesA shared password for encrypted files and communications should be established with your trusted counter-party. It should be memorized and/or stored securely, offline.
In addition to the password, a minimal set of emergency phrases should be established and shared with the counter-party. These should also be memorized, and/or stored offline securely. At a minimum you should have phrases for the following:
− My communications have been compromised but I am OK
− My communications have been compromised and I need HELP
− First proof-of-identity challenge and response
− Second proof-of-identity challenge and response
Note: Proof-of-identity responses should NOT be things that are public record or used on websites, like "mothers maiden name" or "make of first car".
Note: While proof-of-identity questions are used in kidnapping situations, they are also useful for preventing scams, such as pretending an emergency wire of funds is needed, which are more common than kidnappings.
3. Purchase an Offline DeviceA small wifi-only tablet is an ideal device to act as an offline, secure back-up for both storage and communications needs. The Samsung is solid but any Android device will work. Be sure it does NOT have LTE or carrier connectivity option.
− In addition you will need (2) secure, hardware-write-protect USB thumb drives and adapters to connect them to your tablet.
− It is also worth purchasing both an RF-blocking case and a USB data-blocking charge adapter.
Note: This device should serve only as a back-up, and not be used for daily business or entertainment. It should NEVER connect to a WiFi network while travelling.
Note: When not in use, it should be powered-off and stored in the RF-blocking case. It should be treated as compromised if it leaves your physical control while traveling.
Note: It is suggested that you purchase a second device for your trusted counter-party's use during sensitive communications.
4. Enable Device EncryptionAlmost all Android devices offer full device encryption. Enable it with a strong pass phrase or biometric access method. Do not use a simple 4-6 digit PIN for device access (decryption). Example instructions can be seen here or refer to your devices user manual.
5. Install Only Required AppsYou should avoid using this device for anything more than your information and communications security needs. The following apps should be installed:
− PGP cryptography suite
− QR Generator from app store or QR generator for Firefox or build your own app
− Password Manager - used offline, for multiple passphrases.
− MFA Authenticator - optional backup for MFA app.
Note: After installing the minimum required apps, disable the WiFi connection and "forget" the network to prevent accidental reconnection.
Back-up and ShareNote: These steps will likely need to be refreshed before each new trip.
6. Capture and Encrypt Key DocumentsOn the offline device, take pictures or transfer copies of critical documents such as passport, immunization and medical records, insurance policies, and emergency contact information. Encrypt these documents with the above installed PGP application using the password shared with your trusted counter-party.
Note: Delete any unencrypted versions of the documents afterwards.
7. Copy Encrypted Documents to USB DriveCopy the above encrypted documents to one of the secure USB thumb drives. This spare drive is to be left with the trusted counter-party at home or office.
Note: Enable the hardware write-protection on the USB drive after documents have been copied.
Plan and Test
8. Establish Communications Routine and EscalationsWhen traveling, establish a list of Points-of-Contact that you will be working or traveling with. Then establish a routine of communications that your counter-party can expect, such as daily check-ins. Provide the PoC List to your counter-party with an order of escalation and time-frame.
For example, if you are doing daily check-ins, then your counter-party should contact the first person on the list after 48 hours of no contact with you. Contact the next person on the list after 72 hours, etc. etc.
Note: This step should be refreshed before each new trip.