You’ve booked the flight, sorted the visa, and found a coworking space in Lisbon. But have you thought about what happens when you connect your laptop — the one with all your client data, credentials, and business files — to a network you don’t control?
Every café, airport, hotel, and coworking space you connect to is a potential attack surface. Here’s what to sort before you leave.
Before you go
Enable full-disk encryption
If your laptop gets stolen (and it happens — Bangkok, Bogotá, Barcelona are all hotspots), full-disk encryption is the difference between “inconvenient” and “catastrophic.”
- Mac: System Settings → Privacy & Security → FileVault → Turn On
- Windows: Settings → Privacy & Security → Device Encryption (or BitLocker for Pro editions)
- Linux: Encrypt during installation, or use LUKS
Set up remote wipe
If your device is lost or stolen, you need the ability to remotely erase it. Configure this before you need it, not after.
Back up everything to the cloud
Before you leave, make sure your critical files and email are backed up to a service you can access from anywhere. If your laptop is compromised, stolen, or damaged, you need to be able to continue working from a replacement device.
Update everything
Operating system, browser, apps — update them all. Known vulnerabilities are the easiest way in, and patches fix them. Don’t leave home running outdated software.
On the road
Always use a VPN
Public wifi is inherently untrusted. A VPN encrypts your traffic between your device and the VPN server, so even if someone is sniffing the network, they see nothing useful.
Use a reputable VPN with a dedicated IP address — not a free VPN that logs your data and sells it.
Enable DNS filtering
DNS filtering blocks connections to known malicious domains. If you accidentally click a phishing link or visit a compromised website, DNS filtering can stop the connection before any damage is done.
This works alongside your VPN and adds a layer of protection that requires zero thought once configured.
Be paranoid about public wifi
Even with a VPN:
- Don’t access sensitive accounts on networks you don’t trust without the VPN active
- Disable auto-connect to open networks
- Consider using your phone’s hotspot instead of café wifi for sensitive work
- Turn off Bluetooth and AirDrop when you don’t need them
Use a password manager
Every account should have a unique, randomly generated password. You shouldn’t need to remember any of them. A password manager handles this and auto-fills credentials securely.
If you’re still using the same password for multiple accounts, sort this before you leave. It takes an afternoon and dramatically reduces your risk.
Enable two-factor authentication everywhere
Your email, cloud storage, banking, project management tools, social media — every account that supports 2FA should have it enabled. Prefer authenticator apps or hardware keys over SMS.
If something goes wrong
Know your incident response plan
What do you do if your laptop is stolen at 2am in a timezone your family has never heard of?
Have a plan:
- Remote wipe the device immediately
- Change passwords for critical accounts from another device
- Contact your security provider or IT support
- Notify affected clients if their data was on the device
Have a backup device plan
Can you continue working if your laptop is gone? Know where you’d buy or rent a replacement, and make sure your cloud backups let you get back to work quickly.
The checklist
Before you leave home:
- Full-disk encryption enabled
- Remote wipe configured
- Cloud backup running and verified
- OS and apps fully updated
- VPN installed and tested
- DNS filtering active
- Password manager set up with unique passwords
- 2FA enabled on all critical accounts
- Incident response plan written down
- Backup device plan sorted
Don’t do it alone
Configuring all of this properly takes time and knowledge. ShieldMate deploys, configures, and monitors your entire security stack — VPN, endpoint protection, DNS filtering, cloud backup, and more. Set up in 30 minutes, protected wherever you go.