Tech Byte: Tips When Traveling Internationally or for Study Abroad
When it comes to traveling internationally with technology, less is best. The University recommends faculty, staff and students traveling outside the country leave any devices at home that are not needed.
Traveling overseas dramatically increases the risk of a potential compromise of electronic devices, including smartphones, laptops and tablets. It is recommended that loaner laptops be used whenever possible.
When traveling internationally, it is important to remember the following:
• U.S. Customs and Border Protection has the right to examine electronic files on mobile computing/phones/electronic devices; this includes both business and personal files and information. Americans can expect similar treatment when visiting other countries. Refusal to comply can result in seizure of the device or denial of entry into the host country.
• When traveling abroad, there is no expectation of privacy. Always assume in the destination country, U.S. ports of entry and in transit, eavesdropping may take place on all electronic communications.
• You must return with the mobile computing/electronic devices, and the device cannot contain any enhanced encryption applications or software (i.e., software that is not “off-the-shelf”).
• You cannot share or release any controlled technology (listed on the U.S. Commerce Department “Commerce Control List” or U.S. State Department “Munitions List”).
What Can Be Taken Outside the Country?
• Off-the-shelf mobile computing/electronic devices
• Standard operating systems and encryption programs that do not allow enhanced security capabilities.
• Commercially available software applications or general purpose commercially available scientific/engineering programs.
• Stored research data that has already been published in journals or online, or data that has been generated for projects intended to be published and is not restricted by a confidentiality clause or restricted from general dissemination.
What is Restricted?
• Data or information that is covered by a confidentiality agreement (consult general counsel if needed).
• Data or analyses related to projects for which there are contractual constraints on the dissemination of the results (consult general counsel if needed).
• Confidential or sensitive information even if it is encrypted.
•Plan for Using Multi-Factor Authentication Abroad (Duo) – Access to Truman services and resources protected by multi-factor authentication (including email) will not work from abroad unless arrangements have been made to accommodate this before leaving the country. Contact the IT Service Center to let them know the dates of travel and the countries that will be visited.
• Use a Loaner Device – If possible, international travelers should arrange to use loaner devices while traveling abroad. Load only essential data and information that will be needed while traveling and be sure to set password controls.
• No Loaner Device Available? - If loaner devices are not available, take the following steps to prepare the system for international travel:
o Back up all data and remove information not essential to travel.
o Do not allow services or applications to store passwords. Remove this option for current systems, including email and Wi-Fi.
o Update all antivirus, security patches and firewalls.
o Set up password protection on your devices. Require a password to start and unlock the device.
• Keep Devices with You - Do not leave any electronic devices (cell phones, laptops, tablets, etc.) unattended, even in hotel rooms or safes. Do not pack electronic devices in checked bags.
• Be Wary of Public Wi-Fi - Wi-Fi hotspots for public use are targets for information theft. While on public Wi-Fi, devices are vulnerable to data miners. Connect to Truman’s Virtual Private Network (VPN) whenever possible or avoid visiting websites that contain confidential information, such as banking websites, to keep personal information secure.
• Disconnect When Possible - Turn off Bluetooth, cellular services and Wi-Fi any time they are not in use.
• Return Any Loaner Devices - Remove all data from loaner devices.
• Multi-Factor Authentication (Duo) Reset - Contact the IT Service Center to let them know upon returning to the United States.
• Change Your Passwords - Change passwords on any service, device or applications accessed while traveling or that shares a password used while traveling.
• Sanitize Your Devices - When possible, reinstall the operating system on any devices carried on the trip. Otherwise, request that an IT staff member analyze any device for malware or unauthorized access.
Traveling overseas dramatically increases the risk of a potential compromise of electronic devices, including smartphones, laptops and tablets. It is recommended that loaner laptops be used whenever possible.
When traveling internationally, it is important to remember the following:
• U.S. Customs and Border Protection has the right to examine electronic files on mobile computing/phones/electronic devices; this includes both business and personal files and information. Americans can expect similar treatment when visiting other countries. Refusal to comply can result in seizure of the device or denial of entry into the host country.
• When traveling abroad, there is no expectation of privacy. Always assume in the destination country, U.S. ports of entry and in transit, eavesdropping may take place on all electronic communications.
• You must return with the mobile computing/electronic devices, and the device cannot contain any enhanced encryption applications or software (i.e., software that is not “off-the-shelf”).
• You cannot share or release any controlled technology (listed on the U.S. Commerce Department “Commerce Control List” or U.S. State Department “Munitions List”).
What Can Be Taken Outside the Country?
• Off-the-shelf mobile computing/electronic devices
• Standard operating systems and encryption programs that do not allow enhanced security capabilities.
• Commercially available software applications or general purpose commercially available scientific/engineering programs.
• Stored research data that has already been published in journals or online, or data that has been generated for projects intended to be published and is not restricted by a confidentiality clause or restricted from general dissemination.
What is Restricted?
• Data or information that is covered by a confidentiality agreement (consult general counsel if needed).
• Data or analyses related to projects for which there are contractual constraints on the dissemination of the results (consult general counsel if needed).
• Confidential or sensitive information even if it is encrypted.
What to Do Before Traveling Internationally -
• Use a Loaner Device – If possible, international travelers should arrange to use loaner devices while traveling abroad. Load only essential data and information that will be needed while traveling and be sure to set password controls.
• No Loaner Device Available? - If loaner devices are not available, take the following steps to prepare the system for international travel:
o Back up all data and remove information not essential to travel.
o Do not allow services or applications to store passwords. Remove this option for current systems, including email and Wi-Fi.
o Update all antivirus, security patches and firewalls.
o Set up password protection on your devices. Require a password to start and unlock the device.
What to Do While Traveling Internationally -
• Be Wary of Public Wi-Fi - Wi-Fi hotspots for public use are targets for information theft. While on public Wi-Fi, devices are vulnerable to data miners. Connect to Truman’s Virtual Private Network (VPN) whenever possible or avoid visiting websites that contain confidential information, such as banking websites, to keep personal information secure.
• Disconnect When Possible - Turn off Bluetooth, cellular services and Wi-Fi any time they are not in use.
• Loss or Theft - Immediately report loss or theft of electronic devices to the local authorities and Truman’s IT staff. Do not wait to return to report loss or theft. Take the necessary contact information along and store it separately from electronic devices.
What Should I Do When Returning from International Travel?
• Multi-Factor Authentication (Duo) Reset - Contact the IT Service Center to let them know upon returning to the United States.
• Change Your Passwords - Change passwords on any service, device or applications accessed while traveling or that shares a password used while traveling.
• Sanitize Your Devices - When possible, reinstall the operating system on any devices carried on the trip. Otherwise, request that an IT staff member analyze any device for malware or unauthorized access.