Information, Technology & Consulting

Updated IT Security Guidelines for International Travel

 

Planning to take a trip out of the country? Follow these updated security guidelines for protecting your devices and data when you travel abroad. Contact your IT support team for assistance with implementing these protections.

 

 

Before You Go

  • Back up all data, and take only the minimum data necessary or a clean loaner machine.
  • Work with your IT support team to remove or restrict saved passwords to sensitive or privileged data.
  • Consider whether it’s feasible to use disposable accounts for email, file sharing and any other required services, while you're traveling.
  • Ensure these security features are enabled on all your mobile devices:
    • Encryption (see Encryption Considerations, below)
    • PIN (personal identification number) or strong password protection
    • Auto-lock after inactivity
    • Auto-wipe after failed login attempts
    • Device location services
    • Remote wipe
  • Don’t pack devices in checked luggage, though you may have no choice with laptops due to terrorist threat levels.

While you’re there

  • Use a Virtual Private Network (VPN).
  • Do not access systems or accounts that are not absolutely necessary during your trip.
  • Avoid connecting USB and similar 3rd party devices to your computer.
  • Turn OFF WiFi, Bluetooth, and Infrared services when not in use. Disable the ‘connect automatically’ to wireless network feature.
  • Enable host-based firewall and antivirus programs.
  • Turn off AND tape over the camera lens and microphone on your devices, when not using those features.
  • If you have a removable battery, remove it when not in use.
  • Don’t leave your devices unattended.

When you return

  • Change your passwords.
  • Monitor your accounts for unusual activity.
  • Scan your systems and data before use.

Encryption Considerations

  • Commercial grade encryption is permissible for travel outside the US, and for use in most countries.
  • Foreign regulations are unclear and changing constantly.
  • Encryption exceptions:
    • Do not use encryption in Cuba, Iran, North Korea, Sudan and Syria.
    • Encryption not recommended for use in China and Russia; use clean devices instead, with only the info you need (see Before You Go, above).
  • IN ALL CASES: While outside the US, if asked for your encryption password by government agents, give it up without argument.
Department: 
Close
Information, Technology & Consulting