CITS International Travel Tips
Increase your security precautions when visiting sensitive countries or areas (Middle East, China, Russia, and others). Recommendations for highest security include:
- Use clean laptops or other IT devices when available.
- Ensure systems are updated with the most recent security and malware definition files before travel.
- Remove all unnecessary UMB data and/or personal data from laptops or electronic devices before taking such devices overseas; take only what you need to complete the reason for your visit. If you cannot afford to lose it, or if the loss of the information or data would create a financial or reputational risk to you or the University, leave it at home.
- Remove ALL third-party proprietary, confidential, or sensitive data and all export-controlled data and materials from any electronic devices before travel.
- Remove any encrypted files and encryption-capable software, other than system-critical or software support encryption technologies (for instance, built-in Windows encryption resources). Encryption technologies are strictly controlled for entry and exit from countries such as China.
- Do not use any Wi-Fi connections from unknown third-party providers/sources.
- Always use VPN back into UMB systems; note that China prohibits the use of VPN unless specifically approved for use.
- Refrain from using publicly available Wi-Fi connections if possible, even if labeled as secure and/or requiring passwords for use, as these connection points are often subject to intrusion software risks such as keystroke loggers.
- To the extent possible, keep laptops/devices in your personal possession at all times.
- Never accept or attach unknown devices or drives (including flash/USB drives) because malicious code may be installed on such devices at any time, including at manufacture or after.
- Have your electronic devices scanned for malware upon return before making a connection to the UMB network.
In most countries, you have no expectation of privacy in internet cafes, hotels, offices, or public places.
- In some countries, hotel rooms are often searched.
- All information you send electronically — no matter the method — can be intercepted.
- Security services and criminals can track your movements using your mobile computing/electronic device and can even turn on the microphone in your computing/electronic device when you think it is off.
- Security services and criminals can insert malicious software into your computing/electronic device through any connection that they control. When connecting to your home or University systems or networks, this malware can be transmitted back to these systems as well.
- Transmitting sensitive information from abroad is risky.
- If your mobile computing/electronic device is examined, or if your hotel room is searched while you are not present, you should assume that your device’s data has been copied and/or compromised.
Source: Pennsylvania State University (edited)