International Travel Security Guidelines

International travel can pose significant risks to information stored on or accessible through computers, tablets and smartphones that we take with us.  This risk is associated with: 

  1. Increased opportunities for the loss or theft of the device, and 
  1. Increased exposure to untrusted Internet connections. 

Preparation will go a long way to making your trip easier , safer and more enjoyable. 

Before Your Trip 

  • Travel light:  Don’t need it? Leave it at home!  This includes laptops, tablets, cell phones, USB thumb drives, and cameras with flash media capability. 
  • Get a loaner:  Take a loaner laptop with you on your trip, contact Information Technology Services (ITS) and allow 2 weeks, it’s essential your laptop is encrypted. 
  • Travel with “clean” devices:  Your loaner laptop will be encrypted and for any other devices you choose to take be sure to remove sensitive data.  You should not travel with restricted data unless it is required.  To remove the sensitive data:   
    • Backup the data to a secure location (consult with ITS support). 
    • Remove sensitive data completely and securely from your device (consult with your ITS support on methods for secure data removal). 
  • PLEASE NOTE:  MAKE SURE THAT YOU HAVE NOT STORED RESTRICTED DATA ON ANY DEVICE WITH WHICH YOU WILL BE TRAVELING.  Refer to the University Data Classification Policy for more information.  If the data is a necessary part of the trip, your device must be encrypted.  Consult with ITS support for the appropriate encryption tool and procedure.  
  • Erase history: Including, browser history, and especially saved passwords.  
  • Use strong passwords and device timeouts:  Set up strong passwords for all accounts, and set your device to “time out” when idle. 
  • Set up a wipe: Consider setting the device to “wipe” the device’s content after ten (10) incorrect login attempts.  
  • Go disposable:  If you require a cell phone while overseas, consider purchasing a “burner” or disposable phone in the destination country.  
  • Clean other mobile devices, too:  If you must take your cell phone or tablet with you, securely erase all sensitive data, including stored passwords.   
  • Encrypt devices:  All devices, whether University-owned, personal, or “loaners,” should be encrypted.   
    • Consult with ITS support for appropriate encryption applications.   
    • Contact your cell phone provider for encryption options. 
  • NOTE:  Some countries, such as China, Israel, and Russia, have restrictions on the import and use of encryption tools and do not allow cryptography tools to be imported or used within their borders without a license, or in some extreme cases, at all.   
  • Install Antivirus Software and keep it up-to-date on all devices.   
  • Update all operating systems and applications. If you no longer need an application, uninstall it.   
  • Use the MU Virtual Private Network (VPN):  VPN provides a secure connection to the Internet.  The VPN can be used on Windows, Mac and Linux platforms, and mobile devices. 
  • If available, use eduroam for wireless service:  eduroam is a consortium of institutions from the international education and research community that allow members to use each other’s secured wireless networks by logging in with their home institution ID.  
    • Configure your device for eduroam access while on campus, then test eduroam access before departing.   
  • Use 2-Factor authentication for any account where it is available.  

During Your Trip: 

  • Use the lowest possible privilege level:  While traveling, do not use an administrator account as your primary account.  Running as a non-administrative user will defeat a significant number of malware and browser exploits, because your computer is less likely to allow software, including malware, to be installed without you (1) clicking “install” and (2) typing your administrative password.   
  • “Opt out” of automatic connections:  In most countries, you have no expectation of privacy in Internet cafes, hotels, airplanes, offices, or public spaces.  All information you send electronically can be intercepted, especially wireless communications. 
    • Turn off “join wireless networks automatically” on all of your mobile devices (computers, tablets, mobile phones, etc.). 
    • Always manually select the specific network you want to join, only after confirming its name and origin with the provider.  
    • Turn off wireless and Bluetooth, when not actively being used. 
  • Use care when using a “public” device:  Do not log into sensitive accounts (e.g., bank accounts) when using publicly available computers.  Be aware that keyloggers, “shoulder surfing” and cameras pointed toward keyboards are common ways that credentials are compromised. 
  • Keep track of what credentials you use while traveling:  Whether you sign into personal or University accounts while traveling, keep track of the services you’ve accessed. If you are on an extended trip, change your credentials periodically, and only while connected to a secure network (e.g., eduroam, MU VPN).  Never use the same password for multiple services. 
  • Keep your technology with you:  Do not leave electronic devices unattended. All items should be stored in your carry-on luggage, and within reach at all times.  Conceal your devices when they are not with you.   
  • Clear your Internet browser after each use:  Delete history files, caches, cookies, and temporary internet files.  
  • Report when something goes wrong:  If your phone or laptop is stolen, report the theft immediately to the following:   
    • The local US Embassy or Consulate
    • Your department head 
    • ITS Support Help Desk

After Your Trip:

  • Change your passwords:  Using a trusted computer and network, change passwords for ALL services you accessed while away.  When changing passwords, remember to pick strong, complex passwords, and do not reuse the same password for multiple services.  
  • Scan your devices:  Scan all of your electronic devices for malware.  Should you need assistance with this, consult with ITS support.