Travel Tips for Cyber Security

Advice

These guidelines are to help you while traveling, especially abroad. They are not intended to be legal advice. If you will be traveling to a country which you believe may be a high risk for U.S. citizens, please contact International Programs Office or the U.S. Embassy for further advice.

 

Install updates before leaving

Install all updates or patches on all of your devices before leaving campus - both for the operating system and applications. This includes all laptops, iPads, phones, or other electronic devices. Contact your TSP or the STC if you need assistance.

Ensure your mobile devices have a passcode

Your laptops and mobile devices should have good pass codes set, including 6 or more digits on your smart phones or tablets. Consider disabling biometrics to limit a third party's ability to access your devices without your permission.

Enable additional authentication to specific applications. This may be supported by your mobile operating system. For Microsoft applications on mobile devices, OIT can enable this for centrally to protect university data.

Enable the "Find" feature for your device

Apple and Google support "Find My" features which also enable remote wipe of your device. 

Consider a loaner device

If at all possible, take a loaner or temporary device instead of your primary laptop or phone which may have multiple years of files on it. In case of theft or loss, the risk is lower for U of I and minimizes the impact to you and the university upon your return. Avoid storing any data on the device, but instead use cloud services, like OneDrive for storing and accessing files. Presence of some applications may raise flags, so minimize the number of applications on your device. Also, if you are traveling on Non-University International travel, you must NOT take any university equipment or resources without prior approval. See APM 70.23 B-5.

Encrypt your laptop

OIT supports standard encryption on Windows and macOS devices using Bitlocker or Filevault. Remember that an encrypted device is most secure when powered off - so turn your laptop off when not in use. University devices are encrypted by default, but contact your TSP if you would like to add encryption on your device.

Change passwords before leaving

We recommend changing your U of I password 1-2 weeks before leaving. This reduces the chance of you needing to change a password while traveling when you may have trouble getting assistance.

Understand potential issues with MFA

Our DUO Multi Factor Authentication helps protect your accounts no matter where you are, but keep in mind the "push" notifications you may be used to only works if you have Internet service. You can still use the Mobile app, however, by opening the app and pressing the key icon to get your current passcode. This can be used with no Internet connection on your phone. Yubikeys (physical tokens) are also available from your TSP or the STC if you wish to take a backup second factor.

Restart devices routinely

There has been a rise in spyware targeting International travelers and higher value targets including researchers and executives mobile devices. In addition to always keeping operating system and applications up to date, restarting your mobile device routinely helps make sure spyware does not persist in memory of the device.

Avoid public WiFi

If possible, avoid public WiFi which may be used or established by criminals or intelligence agencies to spy on your activities or steal data or passwords. If you must use public WiFi, connect to U of I VPN before performing work. This may be slow in some cases, but protects your traffic from prying eyes. U of I VPN may not work in some countries, like China.

Report Incidents

  • It is critical that any lost or misplaced technology or perceived technology security issues get reported quickly to security@uidaho.edu or 208-885-1060 (APM 30.14)
  • Timely reporting is critical for legal and contractual compliance, as well as to ensure coverage under Idaho cyber liability insurance
     

Other Resources

University International Travel APM 70.23
https://www.uidaho.edu/governance/policy/policies/apm/70/23

Department of Homeland Security Cybersecurity while traveling (PDF)
https://www.cisa.gov/sites/default/files/publications/Cybersecurity-While-Traveling-Tip-Sheet-122019-508.pdf

FBI Safety and Security for the Business Professional Traveling Abroad (PDF)
https://www.fbi.gov/file-repository/business-travel-brochure.pdf

Using Duo outside the United States
https://support.uidaho.edu/TDClient/KB/ArticleDet?ID=881 

Electronic Frontier Foundation - Digital Privacy at the U.S. Border
https://www.eff.org/wp/digital-privacy-us-border-2017 

U.S. Customs and Border Protection - Border Search of Electronic Devices at Ports of Entry
https://www.cbp.gov/travel/cbp-search-authority/border-search-electronic-devices

 

Print Article

Related Articles (5)

Follow these tips to help keep your data, accounts, and the university secure!
Supplemental Terms of Use for International Travel information
Remain vigilant this holiday season for hackers, scammers, and online thieves trying to steal your personal and financial information while you shop. To help keep your information secure, please consider the following.
Essential Cyber Security Tips for UI Employees
Loading...