This article summarizes the best practices for IT security while traveling abroad.
Securing devices and data before you travel
- Check your travel destination on the Country Risk Levels website to assess potential danger. Only take devices or information that you will absolutely need. Consider not taking a device that stores university data or personal information to any country listed Medium or higher.
- Remove any sensitive data from local device storage. Instead, ensure that important data are stored remotely on a secure cloud service, like Box. Uninstall software that copies or stores cloud data locally (like Box Drive or Sync).
- Set up multi factor authentication on all important online services and accounts that you may need to access while traveling. USU A# accounts are automatically protected by Microsoft MFA.
- Set strong passwords on your devices and accounts.
- Longer memorable phrases are better than short complex passwords.
- On your smartphone consider using longer PINs or passcodes (6 digit PINs instead of 4, or passphrases instead of PINs)
- Have anti-malware/anti-virus software installed: If you are an employee on a USU-owned computer, ensure you have are in enrolled in a university-managed MDM solution.
- Intune for Windows devices
- Jamf for Mac devices
- Contact your MyTech to ensure your device is properly enrolled in one of these solutions.
- Install and test USU VPN on the devices that will travel to be ready for use. (Instructions for Windows, Instructions for Mac)
- If you are a university employee, consider taking a loaner device from the IT Service Desk instead of your primary work computer or laptop. Email Servicedesk@usu.edu to check for availability. If not, work with your assigned IT support staff to ensure any device you take meets USU security requirements.
- You can email Security@usu.edu travel dates and countries so that they know to expect activity from your account in those areas.
- Contact your cellular/mobile provider to understand international travel services offered by your provider to avoid unexpected charges. And, if you obtain a SIM card or service internationally, we recommend you avoid communicating private sensitive information over those services.
While Traveling
Be vigilant about your surroundings and where and how you use your devices. Make sure to:
- Keep your devices physically secure and out of sight if not in use, especially in public places such as airports, hotels, and restaurants.
- Always lock or log-off of your devices when not in use by you.
- Take care that nobody is trying to steal information from you by spying on your device screen or keyboard while it's in use. Shield device or keyboard from view when entering PINs or short passcodes. Consider using a privacy screen on your laptop to restrict visibility if accessing sensitive information.
- Avoid the use of public computers or internet cafes. They may be using keyloggers to track your keystrokes to steal usernames and passwords or remember your login sessions even if you log off. Multifactor authentication on all services you access can help protect accounts.
- Don't plug devices into public USB charging stations, use power outlets and your own adapters.
- Don't connect to any exterior devices that you don't know and trust. (USB drives, hotel printers, etc)
- Don't connect to unknown Wi-Fi access points or Bluetooth devices.
- Set your devices to not auto-connect to Wi-Fi or Bluetooth devices.
- Use your VPN whenever possible.
- Notify Security@usu.edu if your device is lost or you believe it has been compromised.
Upon Return
- Consider changing any passwords that you used while abroad in case of compromise.
- Run antivirus scans on your devices.
- Monitor your devices, bank accounts, and computer systems for suspicious activity or symptoms.
- Return any loaned equipment.
Additional Resources
USU's Guidelines for International Travel
For further assistance, please contact your Department IT Support or the IT Service Desk