Travel Security Guide for Researchers

As a researcher at Lakehead University, your work contributes to advancing knowledge and innovation on the global stage. When travelling internationally for research activities, conferences, or collaborations, you face unique security challenges that require proactive preparation and vigilant practices. This guide provides comprehensive recommendations to protect your research data, personal information, and university systems while maintaining the ability to conduct meaningful academic work abroad.

Official Government Resource: Canada's official Travel Security Guide for University Researchers and Staff provides foundational guidance for all international travel.
📚 Related Resource: Many of the cybersecurity practices referenced in this guide are explained in greater detail on our Cybersecurity for Researchers page. We recommend reviewing that resource before international travel.

âš¡ Quick Reference: Essential Actions

Before You Go

While Travelling

  • Power down devices at borders
  • Always use VPN on public networks
  • Never use public USB charging
  • Keep devices in your sight
  • Be wary of elicitation attempts

When You Return

  • Change ALL passwords immediately
  • Run full malware scan
  • Wipe any loaner devices
  • Report any incidents
Important: Preparation is the most critical phase for ensuring your security. Implement these measures before your departure — not at the airport.

1. Assess Your Risk

Before any international travel, take time to understand and assess the security landscape of your destination. Different countries present different levels of risk to researchers, and your research area may make you a specific target.

Consult University Resources

Before any international travel, discuss your plans with appropriate resource personnel:

  • Your supervisor — Discuss the academic necessity and timing of your travel
  • TSC Helpdesk — For device preparation and technical security guidance
  • Office of Research Services — For research-specific travel requirements
Book a Travel Security Consultation: Reach out to the Research Security and Data Management Specialist before travelling to better assess your risk level.

Contact: Andrew Austin | security.research@lakeheadu.ca | (807) 343-8010 ext. 8190

Check Travel Advisories

Before booking, consult the Government of Canada's official travel advisory for your destination and understand the risk level.

High-Risk Destinations: For countries with a risk level of "Exercise a high degree of caution" or higher, it is strongly recommended that you use a temporary "clean" device while travelling.

Pre-Travel Checklist

  • Register Your Trip: Register all international travel with the Registration of Canadians Abroad service so you can be contacted in an emergency.
  • Get University Approval: Obtain formal pre-trip authorization through the university's travel expense policy to ensure your trip is officially sanctioned and your insurance is active.
  • Review Local Laws: Be aware that you are subject to the laws of your destination country, which may include restrictions on encrypted devices or VPNs.

2. Prepare Your Devices

Your devices are the primary vectors through which your research data can be compromised. Proper preparation significantly reduces your risk exposure.

Device Preparation Essentials

  • Travel Light: Only take devices that are absolutely necessary for your trip.
  • Use a "Clean" Device: Whenever possible, especially for high-risk destinations, use a temporary "loaner" or "burner" device that contains no sensitive data.
  • Update Everything: Ensure the operating system and all applications on your travel devices are fully updated with the latest security patches. See Software Updates on our Cybersecurity page for more details.
  • Enable Security Software: Install and update reputable anti-malware software and ensure a firewall is active.
Loaner Devices: Contact the TSC Helpdesk to inquire about best practices for preparing a device for travel. Lakehead University is currently exploring options to provide loaner devices for travellers in the future. In the meantime, consider using a personal secondary device or purchasing an inexpensive temporary device for high-risk travel.

Device Encryption

Enable full-disk encryption on all devices carrying university data. For detailed instructions, see the Encryption section on our Cybersecurity page.

  • Windows: BitLocker
  • Mac: FileVault
  • Mobile: Enable device encryption in your security settings
Important: If travelling to a country that restricts encryption (such as China or Russia), use an unencrypted loaner device with no sensitive data stored on it.

3. Secure Your Data & Accounts

Your research data is valuable — both to you and potentially to foreign adversaries. Minimizing what you carry and securing what remains is essential.

Data Minimization

  • Minimize Data: Do not travel with sensitive or confidential research data stored on your device.
  • Back-Up and Wipe: Back up all essential data to a secure location you are leaving at home (like Lakehead's Google Drive) and then securely delete the original files from your travel device. See Backup Practices and Secure Data Disposal on our Cybersecurity page.

Account Security

  • Use Temporary Passwords: Change your device and account passwords to new, unique, and complex temporary passwords for your trip. Use a password manager to keep track of them. See Strong Passwords & Password Managers for guidance.
  • Enable Multi-Factor Authentication (MFA): Activate MFA on your Lakehead account and all other critical personal accounts you may need while travelling (banking, email, etc.). See Two-Factor Authentication for more details.
  • Disable Biometrics: Disable fingerprint or facial recognition logins. Use a strong PIN or passcode to secure your device instead.
Why Disable Biometrics? In many jurisdictions, authorities can compel you to unlock a device with your fingerprint or face, but cannot legally force you to reveal a password. A PIN or passcode provides stronger legal protection.

Install and Test VPN

Install the Lakehead University FortiClient VPN on your travel devices and test it before you leave. For more information on why VPNs are essential, see the VPN section on our Cybersecurity page.

A VPN encrypts your internet traffic and provides a secure connection back to university resources, protecting you when using untrusted networks abroad.

Secure Communications for Sensitive Research

If you're travelling to high-risk countries or working with sensitive research, consider using end-to-end encrypted communication tools for your most confidential discussions.

See the End-to-End Encryption section on our Cybersecurity page for recommended tools like Signal and ProtonMail.

Maintain Vigilance: Throughout your trip, assume you can be a target for your data. Researchers working in sensitive technology areas or with valuable intellectual property are known targets for foreign intelligence services.

4. At the Border

Border crossings represent a particularly vulnerable point in your travels. Understand your rights and obligations, and prepare accordingly.

Border Crossing Best Practices

  • Power Down: Turn your devices completely off or switch them to airplane mode before reaching customs and immigration checkpoints.
  • Handle Searches: Border officials in many countries have the authority to search electronic devices. If asked, comply with lawful requests. If possible, unlock the device yourself rather than providing the password.
  • Assume Compromise: If your device is searched or a password is provided, assume both are compromised. Change the password as soon as possible.
If Your Device Is Searched: Report the incident to the Research Security Specialist upon your return. Change all passwords immediately after the search is completed. Document what happened, including who searched the device, for how long, and whether it was taken out of your sight. See Incident Reporting on our Cybersecurity page.

5. Connecting to the Internet

Network security is critical while abroad. Assume that any public network you connect to may be monitored by malicious actors or foreign intelligence services.

Network Security Guidelines

  • Avoid Public Wi-Fi: Do not use public Wi-Fi in airports, hotels, or cafes for any sensitive activities. Assume these networks are monitored.
  • Use Secure Alternatives: The safest options are to use your phone's cellular data as a personal hotspot or to use the Lakehead VPN whenever you must connect to an untrusted network. See our VPN guidance for more details.
  • Disable Auto-Connect: Turn off settings that automatically connect to Wi-Fi or pair with Bluetooth devices.
Best Practice: If you must use hotel or conference Wi-Fi, always connect through the Lakehead VPN first. Never access sensitive research data, banking, or university systems on public Wi-Fi without VPN protection.

6. Physical & Human Security

Digital security is only part of the equation. Physical security of your devices and awareness of human-based threats are equally important.

Physical Security

  • Maintain Control: Keep your devices physically with you and in your sight at all times. If a device is left unattended, assume it has been compromised. See Device Physical Security on our Cybersecurity page.
  • Avoid Public Computers: Do not use hotel or internet cafe computers for any task that requires a login.
  • Beware of USBs: Never plug an unknown USB drive into your device, including "free" promotional items from conferences. Avoid public USB charging stations; use your own charger in a wall outlet. See USB & Unknown Devices for more on this threat.

Human Security (Elicitation)

Be discreet. Be aware that you may be targeted for your research. Foreign intelligence services often use "elicitation" — seemingly innocent conversations designed to extract information.

  • Avoid discussing sensitive details of your work in public places
  • Be wary of overly inquisitive new acquaintances who show unusual interest in your research
  • Be cautious about accepting invitations to dinner, drinks, or events from people you've just met
  • Don't share details about your home institution's security practices or vulnerabilities
Trust Your Instincts: If something feels wrong, it probably is. Politely disengage from conversations that feel like probing for information, and report any suspicious contacts to the Research Security Specialist upon your return.

7. After You Return

Your security responsibilities don't end when you land back in Canada. Take these final steps to secure your accounts and prevent bringing threats back to the university network.

Post-Travel Checklist

  • Change All Passwords: Immediately change the passwords for every account and device you used while travelling. See Strong Passwords for best practices.
  • Scan Your Devices: Before connecting to any campus or home network, run a full scan with updated anti-malware software.
  • Wipe Loaner Devices: Securely wipe any temporary devices you may have used while travelling. See Secure Data Disposal for guidance.
  • Monitor for Anomalies: Watch your financial statements for fraudulent activity. Be alert for targeted phishing emails that reference your trip. See Phishing & Email Security.
Report Security Incidents: Report any security incidents to the appropriate contacts. This includes:
  • Lost or stolen devices
  • Border searches or device seizures
  • Suspected device compromise
  • Suspicious contacts or elicitation attempts
  • Any other security concerns

See Incident Reporting on our Cybersecurity page for who to contact and what information to provide.

8. External Resources

These external resources provide additional guidance and information for researchers travelling internationally.

Lakehead University Resources

Need Help?

For travel security consultations and research security concerns:

Research Security: Andrew Austin - Research Security and Data Management Specialist

Phone: (807) 343-8010 ext. 8190

TSC Helpdesk: Contact TSC Support