Communique on physical security 2025-007
Physical security while travelling

On this page

• Time and place
• Be aware
• Contact us

The purpose of this bulletin is to provide Government of Canada (GC) employees with best practices for protecting sensitive information and assets during work-related travel both domestically and internationally. As highlighted in the Directive on Security Management (DSM), limiting access to sensitive information on a needto- know, need-to-access basis is a requirement for all employees, regardless of security-screening level. This responsibility extends to safeguarding conversations, hardcopies, and assets during work-related travel. The RCMP LSA has published physical security guidelines for safeguarding information and assets and the following best practices to mitigate these risks and potential consequences.

With the easing of COVID-19 restrictions, GC employees have resumed domestic and international travel to engage with stakeholders and participate in various work-related events. While this marks a positive return for government operations, it also re-introduces security concerns that have not been taken into consideration for some time; the security of people, information and assets security while travelling. Transportation hubs, conference halls, and hotels are known areas targeted for surveillance by threat actors, making it essential for employees to remain vigilant and practice discretion when travelling.

While travelling, it is important to consider when and where to have work-related conversations. Public places are not advisable, especially if a private or accredited secure setting is available. Sensitive conversations pertaining to GC information should never be discussed in public spaces; GC employees should utilize an area or zone appropriate to the category of information being discussed. While many government employees are privy to a large amount of official and sensitive information, it is important to keep in mind that this information is entrusted to the departments and agencies who require it to perform their function. Employees are not authorized to share information to those without the appropriate security screening status or clearance and a need-to-know, need to-access.

GC employees should understand that they are prime targets for surveillance whether travelling domestically or abroad. The nature of their work, their position’s security level, and access privileges to facilities, information, and assets are highly prized by threat actors. Surveillance can be human or electronic and may either be covert or overt. All employees who suspect, or become aware of, surveillance efforts must report the occurrence to their Department/Agency’s Security Organization immediately.

GC employees have a responsibility to safeguard themselves and GC information and assets entrusted to them to protect the integrity of GC operations. Below are key considerations to keep in mind when engaging in work discussions while travelling, especially in public environments.

Time and place

Conversations

• Ensure all work-related sensitive conversations are happening in the appropriate zones/areas.
• When engaging in conversations in public, consider what information is being discussed, and how it may be perceived if it is overheard.
• Avoid having conversations pertaining to sensitive personal information (health, finances, area of work, etc.) in public places.
• If appropriate zones/areas are unavailable, do not have sensitive conversations until such a space becomes available.
• When discussing official business, consider using “veiled speech” such as: the project or the effort, instead of specifics.

Visual information

• When possible, avoid carrying hardcopy information and always transport in accordance with GC security policy.
• Ensure to position your laptop or work phone to prevent unauthorized viewing.

Information assets

• Maintain positive control of GC-issued devices throughout your travel. Avoid displaying them when in transit.
• Consult your Department’s IT and Security groups for advice on security apps or to request a travel work phone with limited access to GC information.

Be aware

Maintaining vigilance on information

• Espionage can occur in any environment including domestically or “safe” countries.
• Ensure unauthorized persons are not eavesdropping (“shoulder surfing”) when engaging in sensitive conversations.
• Take note of where people are located when you enter a public space; threat actors may attempt to find favourable positions to overhear conversations.
• Be mindful of your surroundings; threat actors may reposition themselves or display body language which may indicate they are eavesdropping.
• Avoid eating, drinking, or travelling alone; use the “Buddy System” and confirm you have safely returned to your rooms.
• Never leave food or drinks alone; if unsure of the integrity of your food or drink, do not consume it, and if drinking alcohol, do so in moderation.
• Do not transport or use drugs that are illegal enroute to, or in the location of travel.
• Beware of unknown persons who attempt to befriend or know more about you than they should.
• Do not accept gifts; it may lead to expectations or commitments or violate GC Values and Ethics. If absolutely required, accept and report the gift to your Department’s Values and Ethics group.

Do

• Plan your transportation to and from locations in advance, with reputable travel providers.
• Review the Official Travel Advice and Advisories regarding safety and security risks at your destination.
• Contact the Official Travel office at IRCC or review the site: Official travel: Apply for a foreign visa for information on passports and entry/visa requirements for employees travelling on GC business.
• Sign up with the free Registration of Canadian Abroad system to receive important updates.
• Prioritize reputable accommodation such as brand name hotels and corporate apartments, which usually provide emergency support infrastructure over less secure options like Airbnb, VRBO, or hostels.
• Traditional transportation options should be preferred such as reputable taxi companies, trains/subways, and verified drive services over independent or gig transport options.
• Only bring what you need when it comes to travel documents, credit or bank cards, and other personal information. Carry emergency contact information in case of theft or loss.
• Limit information held on mobile devices and set them to Airplane Mode if surrendering to Customs. Secure all devices and accounts with strong passwords, and turn off biometric sign in. Review Mobile devices and Business Travellers.
• Maintain positive control of your mobile devices at all times. If tampering is suspected, turn off and report it to your Department’s Security and IT groups immediately.
• Use GC-issued power cords when charging your issued mobile devices and use a secure charging USB adaptor which allows power only connection.

Don't

• Don’t bring your portable work devices if you may be asked to surrender them.
• Don’t leave your work devices unattended in a hotel, including the provided room safe or assigned reception desk safe.
• Don’t connect your work phone to rental vehicles.
• Don’t scan QR codes with your work phone.
• Don’t connect to unsecured Wi-Fi at hotels, conferences, or any public areas.
• Don’t publicly wear clothing or items that will easily identify you or your organization.
• Don’t log into personal or work accounts on public infrastructure such as at hotel Office Centres or airport Business Lounges.
• Don’t copy or scan sensitive documents using non-GC equipment.
• Don’t plug conference-supplied thumb drives or SD cards into your work computer.
• Don’t plug your laptop into hotel video infrastructure unless it has been proven as safe.
• Don’t behave in any manner that may be used to compromise you, your department, or the GC.

Contact us

Contact the RCMP LSA with your Physical Security inquiries at RCMP LSA Org Email: rcmp.lsa-grc.posm@rcmp-grc.gc.ca or visit the RCMP LSA web page.