Business phone international travel is the single highest-risk window in the life of a company handset. In a normal week the device sits inside known Wi-Fi, behind a known firewall, and within physical reach of a known owner. The moment that phone crosses a border, every one of those assumptions breaks at the same time, and the cost of getting it wrong now sits well above the cost of the phone itself.
This guide is written for UK directors, IT managers and travelling staff who need a practical 2026 playbook — not a marketing piece. It covers the real network costs, the security exposure, the heat and cold problems, the customs grey areas, and the exact pre-trip and post-trip steps to take. If you also issue handsets to field engineers or sales teams, pair this with our business mobile contracts and mobile device management service pages for the procurement and lock-down layer.
1. Why travel is the highest-risk window for company phones
On any normal working day a UK company phone faces three risks in sequence: someone might steal it, someone might trick the user into giving up data, or the user might run up a bill. Travel multiplies all three at once and adds two new ones — heat damage and cross-border data exposure.
The Association of British Insurers and major UK insurers have flagged for several years that mobile phones are the most-claimed travel insurance item by frequency. The pattern is consistent: a phone is taken from a cafe table in Barcelona, a hotel lobby in Lisbon, an unattended hire car in Florida, or a beach bag in Dubai. None of these losses are unusual. What is unusual is how often the device is unencrypted, unenrolled in MDM, and signed into a corporate Microsoft 365 or Google Workspace account with no second factor enforced.
Then there is the bill. UK networks moved away from “free EU roaming” between 2021 and 2023. Most business tariffs in 2026 either include a generous EU allowance or use a day-pass model. Either way, an employee who steps off a Heathrow flight, tethers a laptop, joins a 90-minute Teams call and streams Netflix in the hotel can rack up four-figure charges in a week if their tariff is wrong. The good news: a single phone call to your account manager before the trip almost always prevents this.
The 2026 risk triangle
- Financial — uncapped roaming, premium-rate calls home, tethering surcharges, data overage
- Security — device theft, shoulder surfing, hostile networks, compelled border unlock
- Physical — heat damage in cars and hotel rooms, water damage at the pool, drop damage in transit
Get a written policy that addresses all three and you have already done more than 80% of UK SMEs we speak to. The remaining work is enforcement, and that is where MDM earns its monthly cost.
2. The 2026 UK network landscape for business roaming
Every major UK network restructured its business roaming proposition over 2024 and 2025. Below is the picture as it stands at the time of writing in early 2026. Always check the current tariff with your account manager before a trip — wholesale rates have moved several times.
EE business roaming 2026
EE’s “Roam Abroad” pass is included on most business plans for Zone 1 (EU, plus the bulk of European destinations and a small number of others). For Zone 2 — typically the US, Canada, Australia, New Zealand and a long tail of others — a daily Roam Abroad pass is around £6 per day for unlimited use of the UK plan’s minutes, texts and data. For destinations outside the included list, charges revert to per-MB pricing that gets expensive fast.
O2 and Virgin Media O2 business roaming 2026
O2 business tariffs continue to include EU roaming on most plans (subject to fair-use, generally 25-30GB per month). Outside the EU, O2 sells a daily Travel Bolt-On for around £6 in popular destinations and £7-£8 in more remote ones. Fair-use limits apply: even on “unlimited” UK plans, expect a hard cap of around 25-30GB of EU data per month before throttling.
Three business roaming 2026
Three’s “Go Roam” used to be the gold standard. In 2026 the EU element survives on most business plans (capped at 12-20GB depending on tariff), but Rest-of-World inclusive destinations have been pared back. Day-pass pricing in non-included destinations is broadly in line with the others at £5-£7.
Vodafone business roaming 2026
Vodafone splits the world into Zones A, B and C. Zone A (EU plus a small set of others) is often inclusive on business plans. Zones B and C use a £6-£8 per-day “Global Roaming” pass that gives access to your UK allowance. Vodafone publishes a clear zone list — confirm yours before a trip rather than relying on memory.
Sky Mobile business 2026
Sky Mobile remains a smaller player in business, but offers genuinely competitive EU roaming inside the EU fair-use limits, and a £2 per day “Roaming Passport Plus” for the EU on accounts that do not include it. Outside the EU, rates are competitive but day-pass coverage is narrower than the big four.
What this means for procurement
If more than 20% of your handsets travel more than four times a year, the roaming inclusion in the tariff is now more important than the headline data allowance. Cheap tariffs with no inclusive roaming end up more expensive once £5-£8 per day per phone is layered on. We cover the underlying procurement choice in our business mobile contracts guide.
3. eSIM vs physical SIM vs travel SIM — which to use when
2026 is the first year where eSIM-only business is genuinely practical. The iPhone 14 onwards (US-market) and iPhone 17 globally support eSIM. Most flagship Android handsets since 2023 do too. That changes the travel calculus.
Your UK business SIM with a roaming pass
Best when: the trip is short (under 7 days), the destination is included or day-pass priced, the user needs to be contactable on their normal UK number, and the cost is acceptable. This is the default and we recommend it for any senior staff member whose UK number is publicly known.
A dedicated eSIM travel plan
Best when: the trip is longer (over a week), data-heavy (video calls, photo upload), or the destination has poor day-pass pricing. eSIM travel providers in 2026 typically charge $10-$25 for 5-10GB across most regions, often with regional bundles for Europe, Asia, the Middle East and the Americas. The user keeps their UK SIM active for incoming calls and SMS (for 2FA codes), and routes data through the travel eSIM.
A physical local SIM
Best when: the user is on the ground for weeks, needs a local number for clients, or the destination is one where eSIM tourism plans are restricted (parts of China, some Middle East markets). Slightly more friction, but unbeatable local pricing.
A dedicated travel handset
Best when: the destination is high-risk for device search or seizure, or the company has classified data on the primary handset. A cheap, clean, factory-reset Android handset with a fresh Google account, no corporate apps, and a travel SIM is sometimes the safest answer. This is more common than people realise among legal, finance and journalism staff.
The dual-SIM combination that works for 95% of trips
- Keep your UK business eSIM active for incoming calls, SMS and 2FA
- Add a travel eSIM as the data line
- Disable mobile data on the UK eSIM in the device settings before landing
- Allow SMS over Wi-Fi/iMessage so authentication codes still arrive
This single setup handles most EU and global trips, keeps the bill predictable, and avoids the “I missed the call from the office” problem.
4. The heat dimension — phones in hot climates
Heat is the most underrated travel risk. Apple specifies an operating range of 0°C to 35°C for iPhones. A car dashboard in Spain in August can hit 60°C in 30 minutes. A hotel windowsill in Dubai is similar. Charging a phone above 35°C accelerates lithium-ion degradation measurably — your colleague comes home with a phone that drains in four hours instead of nine, and IT gets the blame.
The full chemistry, the field data and the prevention checklist live in our companion piece on phone overheating causes. The travel-specific points are:
- Never leave a phone in a parked car — even with the windows cracked, even in shade
- Do not charge in direct sunlight — hotel desks beat windowsills every time
- Take the case off when charging in heat — most cases trap 5-10°C of extra heat at the back of the device
- Stop using location-heavy apps when the device feels warm — Maps and rideshare apps are the worst offenders
- If the on-screen overheating warning appears, stop and let it cool — never put a hot phone in a fridge or freezer, that causes condensation damage
5. The cold dimension — winter destinations and battery behaviour
Cold is less destructive than heat but more disruptive in the moment. Lithium-ion batteries lose 20-40% of their effective capacity at 0°C and stop charging entirely at sub-zero temperatures. A phone that shows 60% battery on the ski lift can hit 15% by the time you reach the top. It will recover most of that capacity once it warms up, but the immediate user experience is “my phone died”.
For ski, mountain and northern-hemisphere winter travel:
- Keep the device in an inside pocket against body heat, not in an outer ski jacket pocket
- Use a USB-C power bank kept inside a jacket, not a hard case in a backpack
- Expect rapid drain on camera and GPS use in sub-zero conditions
- Avoid rapid temperature swings (cold outside, hot lodge) — condensation can form inside the device, particularly around the speaker grille
Cold-related shutdowns are not battery damage. They are protection cut-offs. The longer-term effect on business phone battery health is small compared to a sustained hot summer.
6. Theft prevention — physical, software, MDM
Most travel-phone losses fall into a small number of well-known scenarios. Build your policy around those, not around exotic threats.
The five most common ways a UK business phone is stolen abroad
- Cafe and bar tables — phone placed face-down, lifted by an “accidental” jacket sweep
- Restaurant snatch-and-run — particularly in southern European tourist zones
- Hotel rooms with poor safes — chains where housekeeping has master codes
- Airport security trays — quietly removed during the X-ray bottleneck
- Hire cars at scenic stops — windows broken in under 20 seconds
Physical prevention
None of this is exotic. Keep the phone in a zipped inside pocket when not in use, never face-down on a table near an aisle, never in an unlocked hotel safe, never in a parked hire car (also see the heat section). A discreet, cheap-looking case is better than a high-end one.
Software prevention
- Strong six-digit (or alphanumeric) device passcode — not 1234, not the user’s birthday
- Face ID or fingerprint enabled (faster than typing and harder to shoulder-surf)
- USB Restricted Mode on iOS (Settings → Face ID & Passcode → USB Accessories OFF)
- Find My iPhone / Find My Device permanently on
- Automatic iCloud / Google Drive backup running before departure
- 2FA on every business account, with codes either to the same SIM or to an authenticator app — never to a personal number that is also on the same phone
MDM enforcement
This is where Intune, Jamf, Google Workspace or Kandji earn their licence cost. A properly configured MDM gives IT a one-click ability to: locate the device, lock it, push a custom “lost device” message with a UK contact number, wipe corporate data while leaving personal data intact (selective wipe), or fully reset the device. The full platform comparison sits in our MDM platform comparison, and the policy framework is covered in the Cyber Essentials BYOD requirements guide.
If the company is signed up to Cyber Essentials, MDM enforcement is not optional — it is part of the secure configuration control. Roaming staff are the most likely group to expose a non-compliant device.
7. What to do if a phone is lost or stolen abroad — the timeline playbook
Print or save the steps below before any major trip. The person who needs them is rarely thinking clearly.
The first 30 minutes
- Confirm it is genuinely lost — search hotel room, bag, last venue
- From any other device, sign in to iCloud (Find My) or Google (Find My Device)
- If the device shows on the map, “Mark as Lost” — this locks it and shows a custom message
- If the device is offline, set the lost-mode flag anyway — it activates next time the device pings
- Change the user’s Microsoft 365 / Google Workspace password from another device
- Revoke active sessions in the admin console
The first 2 hours
- Call the UK network’s business stolen-phone line to suspend the SIM (numbers below)
- From the MDM console, push a remote lock and confirm it took
- If the device contains classified data and is high-risk, escalate to selective or full wipe
- Notify the line manager and the IT lead — not by SMS to the missing number
- If theft is confirmed, file a report at the nearest police station and get a written reference number (you will need it for the insurance and the network)
The first 24 hours
- Notify the insurer (business travel policy, gadget cover or fleet policy)
- If personal data of customers or staff was on the device, run the GDPR breach assessment — has the data realistically been accessed?
- If the answer is yes, the 72-hour ICO notification clock starts at the moment of discovery
- Order or courier a replacement handset to the user’s hotel, or restore service via a spare SIM if the trip ends within 48 hours
UK network stolen-phone numbers (call from any line)
- EE Business — call 158 from another EE number, or +44 7953 966250 from abroad
- O2 Business — call 8002 from another O2 number, or +44 7860 980 202 from abroad
- Vodafone Business — call 191 from another Vodafone number, or +44 7836 191191 from abroad
- Three Business — call 333 from another Three number, or +44 7782 333333 from abroad
- Sky Mobile — call 0800 759 759 (free in UK), or +44 1442 320 050 from abroad
Always confirm these numbers on the network’s official site before travel — they change.
8. Border and customs considerations — device search and compelled unlock
This is the section most UK business travellers ignore until it happens to them. Border officers in several jurisdictions can require you to unlock your phone. Refusing has consequences ranging from denied entry to detention, depending on the country and your immigration status.
UK border
UK Border Force has powers under Schedule 7 of the Terrorism Act 2000 to examine devices at ports of entry, and can require passwords. Most travellers will never encounter this, but the legal position is established.
United States
US Customs and Border Protection (CBP) can perform “basic” searches of any traveller’s device without suspicion, and “advanced” forensic searches with reasonable suspicion. UK citizens entering the US are not exempt. Refusing to unlock can lead to detention of the device for weeks. CBP policy is that searches should be of data resident on the device, not cloud-stored data — so put the phone in airplane mode before the queue.
EU
EU border practice varies by member state. Forensic search is uncommon for routine business travel, but cargo and irregular-entry routes see more activity.
Middle East and Asia
Several jurisdictions actively inspect devices — particularly the UAE, Saudi Arabia, Singapore, China and India at land borders. Encrypted apps, VPNs and certain communications tools are restricted or banned in some of these.
Practical defences
- Travel with the minimum data you need — selective wipe before, restore after
- Disable biometric unlock in jurisdictions where unlock can be compelled — a refusal-to-disclose-passcode case is legally different to a fingerprint applied to a sensor
- Use a dedicated travel handset for genuinely sensitive trips
- Sign out of cloud services that contain client data
- Never bring a phone containing legally privileged material to a high-risk border without a written travel-security plan
If your team handles legal, medical, financial or journalistic material, get specific legal advice from a UK firm before the trip. This article is general guidance, not legal advice.
9. Pre-trip checklist — the 30 minutes that prevents 95% of incidents
One week before
- Confirm the destination is on the network’s inclusive roaming list, or buy the right travel eSIM
- Confirm MDM enrolment is active and the device has checked in recently
- Confirm Find My / Find My Device is on
- Confirm cloud backup is current
- Issue or refresh the lost-phone playbook to the traveller
The day before
- Full backup to iCloud or Google
- Software updates installed (do not start a trip on out-of-date OS)
- Selective wipe of any data not needed for the trip
- Sign in to a secondary device or laptop with the same accounts so 2FA codes can be received elsewhere
- Confirm 2FA codes go to authenticator app, not SMS only to the travelling SIM
At the airport
- Phone on airplane mode through security
- Disable mobile data on UK eSIM if using a travel data eSIM
- Enable the travel eSIM as default data line on landing
- Take a quick photo of the IMEI label on the box, or note it from Settings — see our find your phone’s IMEI number guide if you do not have it
10. Post-trip cleanup
Returning is the second-most-risky phase. The phone has been on hostile networks, possibly had a travel SIM in it, and the user is tired. The two-minute cleanup matters.
- Disable the travel eSIM (do not delete it if you might return — keep a fresh one each trip if storage allows)
- Re-enable mobile data on the UK SIM
- Run OS updates that were skipped during travel
- Review installed apps — anything new or unexpected gets deleted
- Check for new accessibility, VPN or device-management profiles that were not there on departure
- Change the device passcode if it was unlocked in front of strangers (border, security, hotel staff)
- Re-confirm MDM check-in
11. Company travel policy template
A written policy is the single highest-leverage thing a UK SME can put in place. The policy below is a starting framework you can adapt. Have it reviewed by your legal and HR lead before issuing.
Suggested policy clauses
- Eligibility — which roles may travel internationally with a company phone
- Approval — line manager and IT lead sign-off required for non-EU destinations
- MDM enrolment — mandatory and verified before departure
- Roaming method — default to network day-pass for under-7-day trips, travel eSIM for longer
- Cost ownership — company pays for inclusive roaming and approved eSIMs, employee pays for non-business calls and personal data on a flagged usage line
- Lost-phone reporting — within 1 hour of discovery, to the named IT lead and named finance lead
- Border policy — refusal to surrender unlock codes only after consultation; selective wipe before high-risk borders
- Post-trip review — 5-minute IT check-in within 48 hours of return
- Insurance — every traveller must know whether the device is covered by business travel insurance, gadget cover or fleet policy, and the claim number
Pair this policy with the broader hardware-care guidance in our business mobile device care guide, and the insurance-economics piece on cracked screen and water damage costs. Together they cover the three layers most UK SMEs leave undocumented: care, repair and travel.
The total-cost-of-travel calculation most finance teams get wrong
A “saved” £40 on roaming is not a saving if it leads to one missed sales call. A “saved” £15 a month on MDM licensing is not a saving if it leads to a £40,000 breach notification cost. The maths is straightforward once written down.
- Typical mid-trip productivity loss from a dead or stolen phone — half a day to two days of senior time
- Typical replacement handset cost on emergency courier — £600-£1,400 depending on model
- Typical breach notification cost in the UK (legal advice + ICO process + remediation) — £15,000-£100,000+ for SMEs
- Typical roaming day-pass cost — £5-£8
Spending an extra £100 a year per traveller on the right tariff, MDM seat and travel insurance is invariably the right call. The companies that get this wrong are usually not stingy — they have simply never written down the comparison.
How Connection Technologies helps with travelling teams
We are a UK telecoms and IT partner that procures business mobile contracts across every major network, configures MDM for SMEs, and writes travel-ready policies for clients in legal, finance, construction and professional services. If your sales, engineering or leadership team is on the road in 2026, talk to us before the next trip — most fixes are cheap when planned and expensive when reactive.
For procurement and tariff selection, see our business mobile contracts page. For lock-down and policy enforcement, see our mobile device management service. For specific battery and overheating questions, the companion guides linked above go into more depth.
Frequently Asked Questions
In almost every developed country, yes. All four major UK networks (EE, O2, Vodafone, Three) have wholesale roaming agreements covering Europe, North America, Australia, New Zealand, much of Asia and the Middle East. Confirm the destination is on your tariff’s inclusive list before travel, or buy a day-pass or travel eSIM. The few destinations where UK SIMs struggle in 2026 are parts of central Asia, North Korea, and some sanctioned jurisdictions.
Most UK business tariffs include EU roaming on a fair-use basis, typically capped between 12GB and 30GB per month depending on the network and plan. Where it is not included, day-passes sit between £2 (Sky) and £8 (Vodafone/EE outside the EU zone) per day. Business travellers who go to the EU more than once a quarter should be on a tariff with EU roaming bundled in — it almost always works out cheaper than per-day pricing.
Mark the device as lost via Find My iPhone or Find My Device from another phone, then change the user’s Microsoft 365 or Google Workspace password and revoke active sessions. Call the UK network’s stolen-phone line within two hours to suspend the SIM, push a remote lock or selective wipe from MDM, file a local police report for the insurance claim, and notify the IT and finance lead. If personal data was on the phone, run a GDPR breach assessment within 72 hours.
Yes, provided the device has an internet connection (mobile data or Wi-Fi). MDM platforms like Microsoft Intune, Jamf, Google Workspace and Kandji all support overseas location, lock, message and wipe. The device needs to be enrolled before it leaves the UK — you cannot retroactively enrol a phone that is already missing. Find My iPhone and Find My Device work in parallel and do not require corporate MDM, but lack the policy enforcement.
Generally no. A personal SIM in a company phone creates a billing grey area, complicates expenses, and risks personal data mingling with business data on the same device. The better pattern is a UK business eSIM for incoming calls and 2FA, plus a dedicated travel eSIM for data. If an employee absolutely needs a personal SIM, document it in policy and use the device’s dual-SIM data routing controls to keep work data on the work line.
Three rules cover it. First, confirm the tariff before travel and add a roaming pass if needed — never assume the old “free EU roaming” still applies. Second, disable mobile data on the UK SIM and use a travel eSIM for data-heavy use. Third, set a spend cap with your account manager — every major UK business network offers one, and the default is usually far too high. Doing all three brings the typical trip cost back under £20-£50 in network charges.
Get a roaming-ready business mobile plan:Business Mobiles | Hosted VoIP
Related Reading
More from the Connection Technologies blog.