Always attend to safety when travelling
You can help to protect your organisation’s valuable information and national security by exercising caution, so Supo has prepared guidelines for travel safety.
People who work in such fields as politics, public service, research, or in the business community may find that this makes them targets of intelligence operations when they travel abroad.
Points of interest may include accompanying documents, hardware, and conversations conducted either in person or by telephone. You can help to protect your organisation’s valuable information and national security by exercising caution, so Supo has prepared guidelines for travel safety.
Plan your data security before you travel
Take only the information and hardware that you really need for the trip. Avoid carrying various smart devices, such as computers, tablets, mobile phones or smartwatches in particular. We recommend using dedicated hardware when travelling.
Always update your devices and applications to the latest versions before you travel. Set an access code to unlock your devices and minimise the autolock delay.
Note that the border authorities of some countries are authorised to inspect the contents of computers and other terminal hardware, meaning that such hardware must be surrendered to these authorities. You will be subject to the jurisdiction of local authorities in your destination country.
Take good care of data security when travelling
Do not leave your devices unattended, and carry them all as hand luggage. Hardware should never be left unattended, even in a hotel room safe. Use a sealable safety bag if this is not possible.
Computers, tablets, and mobile phones should be fitted with a privacy screen protector that prevents fellow travellers from reading the display. Also ensure that nobody sitting directly behind you can view the screen of your device.
Prioritise your own mobile data connection and always use a reliable VPN service approved by your organisation. Take special care when considering the use of public wireless Wi-Fi networks, for example in hotels and restaurants. This is particularly important if your mobile device can access your e-mail account.
Adjust the settings on your mobile phone and other mobile devices to protect your privacy. Disable any Bluetooth, voice control or voice recognition, WLAN or Wi-Fi connections, location services, connection sharing or access points when they are not in use.
Give careful consideration to your social media updates
Consider whether it is really necessary to share details or images from a business trip on social media. Such content can no longer be made private after it has been published online.
If you do decide to share details or pictures, then it is better to say what you’ve already done, rather than announcing your plans. Do not share precise location details, and always ask others for permission before sharing their details or images.
Pay special attention to managing passwords and user names. Do not use the same identifying credentials for multiple services, and use two-factor authentication for the most vital services.
People are not always just sincerely interested in you
The interests of foreign intelligence services include, for example, various aspects of Finnish politics and technological progress.
Remember that there may be more to the curiosity of a previously unknown person concerning your work than a sincere desire to make friends. Think about the details that you share with strangers, as the readiness of a work contact to engage in confidential conversation and ask a lot of questions may also be part of a fact-finding scheme targeting you or your organisation.
Be mindful that your speech can be recorded and your actions can be filmed with a view to using such records against you at a later time.
Gifts may also be given in an attempt to influence you. Avoid using any electronic devices that were received as a gift, as their use may expose you to malware and other hazards.