CITS International Travel Tips

Increase your security precautions when visiting sensitive countries or areas (Middle East, China, Russia, and others). Recommendations for highest security include:

• Use clean laptops or other IT devices when available.
• Ensure systems are updated with the most recent security and malware definition files prior to travel.
• Remove all unnecessary UMB data and/or personal data from laptops or electronic devices before taking such devices overseas; take only what you need to complete the reason for your visit. If you cannot afford to lose it, or if the loss of the information or data would create financial or reputational risk to you or the University, leave it at home.
• Remove ALL third-party proprietary, confidential, or sensitive data and all export-controlled data and materials from any electronic devices prior to travel.
• Remove any encrypted files and encryption capable software, other than system critical or software support encryption technologies (for instance, built-in Windows encryption resources). Encryption technologies are strictly controlled for entry and exit from countries such as China.
• Do not use any Wi-Fi connections from unknown third-party providers/sources.
• Always use VPN back into UMB systems; note that China prohibits use of VPN unless specifically approved for use.
• Refrain from using publicly available Wi-Fi connections if possible, even if labeled as secure and/or requiring passwords for use, as these connection points are often subject to intrusion software risks such as keystroke loggers.
• To the extent possible, keep laptops/devices in your personal possession at all times.
• Never accept or attach unknown devices or drives (including flash/USB drives) because malicious code may be installed on such devices at any time, including at manufacture or after.
• Have your electronic devices scanned for malware upon return prior to connection to the UMB network.

In most countries, you have no expectation of privacy in internet cafes, hotels, offices, or public places.

• In some countries, hotel rooms are often searched.
• All information you send electronically — no matter the method — can be intercepted.
• Security services and criminals can track your movements using your mobile computing/electronic device and can even turn on the microphone in your computing/electronic device when you think it is off.
• Security services and criminals can insert malicious software into your computing/electronic device through any connection that they control. When connecting to your home or University systems or networks, this malware can be transmitted back to these systems as well.
• Transmitting sensitive information from abroad is risky.
• If your mobile computing/electronic device is examined, or if your hotel room is searched while you are not present, you should assume that your device’s data has been copied and/or compromised.

Source: Pennsylvania State University (edited)