CITS International Travel Tips

Increase your security precautions when visiting sensitive countries or areas (Middle East, China, Russia, and others). Recommendations for highest security include:

• Use clean laptops or other IT devices when available.
• Ensure systems are updated with the most recent security and malware definition files before travel.
• Remove all unnecessary UMB data and/or personal data from laptops or electronic devices before taking such devices overseas; take only what you need to complete the reason for your visit. If you cannot afford to lose it, or if the loss of the information or data would create a financial or reputational risk to you or the University, leave it at home.
• Remove ALL third-party proprietary, confidential, or sensitive data and all export-controlled data and materials from any electronic devices before travel.
• Remove any encrypted files and encryption-capable software, other than system-critical or software support encryption technologies (for instance, built-in Windows encryption resources). Encryption technologies are strictly controlled for entry and exit from countries such as China.
• Do not use any Wi-Fi connections from unknown third-party providers/sources.
• Always use VPN back into UMB systems; note that China prohibits the use of VPN unless specifically approved for use.
• Refrain from using publicly available Wi-Fi connections if possible, even if labeled as secure and/or requiring passwords for use, as these connection points are often subject to intrusion software risks such as keystroke loggers.
• To the extent possible, keep laptops/devices in your personal possession at all times.
• Never accept or attach unknown devices or drives (including flash/USB drives) because malicious code may be installed on such devices at any time, including at manufacture or after.
• Have your electronic devices scanned for malware upon return before making a connection to the UMB network.

In most countries, you have no expectation of privacy in internet cafes, hotels, offices, or public places.

• In some countries, hotel rooms are often searched.
• All information you send electronically — no matter the method — can be intercepted.
• Security services and criminals can track your movements using your mobile computing/electronic device and can even turn on the microphone in your computing/electronic device when you think it is off.
• Security services and criminals can insert malicious software into your computing/electronic device through any connection that they control. When connecting to your home or University systems or networks, this malware can be transmitted back to these systems as well.
• Transmitting sensitive information from abroad is risky.
• If your mobile computing/electronic device is examined, or if your hotel room is searched while you are not present, you should assume that your device’s data has been copied and/or compromised.

Source: Pennsylvania State University (edited)