Traveling Abroad with Technology?

Posted July 24, 2017 by Academic and Institutional Technology
Tags: Security

Traveling Abroad with Technology?

Effective Date: July 24, 2017

Travel, both local and international, introduces unique cybersecurity concerns. Travelers are often vulnerable to theft, malicious software, and covert surveillance over insecure networks. In addition, international travel can involve privacy and data import/export laws different from those in the United States.

The following tips can help keep your devices and data safe while traveling abroad.

Before you go:

Ask yourself, "Do I really need this device?"

What are you planning to do while traveling? Are your personal and/or Wheaton College-owned devices necessary to accomplish this? Unless you absolutely need the device, leave it behind. It is better to be slightly inconvenienced than take the risk of losing your device or dealing with a malware infection.

Travel loaner laptop

Utilize an Academic and Institutional Technology (AIT) travel laptop instead of your primary computer. AIT has a small number of temporary travel laptops that can be used for core functions such as Outlook, Microsoft Office, and web browsing. Contact us to discuss this option.

Be familiar with the laws of the countries you're visiting

• In some countries, customs agents or police officers can confiscate your device. They may require you to unlock or provide passwords for those devices. While your device is confiscated, it may be perfectly legal for those agents to search through your data and install or enable surveillance software.
• In some cases, encrypted devices are permanently confiscated and some types of technology are not allowed at all. Research thoroughly before departing.
• While in a foreign country, assume you are always under surveillance.

Back up your data before you leave…

If you must take your College-owned computer abroad, contact us to discuss backing up your data. If your device is infected or lost, you will be able to recover your data .

Ensure your computer has VPN installed.

Use a virtual private network (VPN) to access Wheaton College systems or data. This provides secure access to college data.

Change your password before and after your trip

Changing passwords to accounts you will use both before and after your trip will enhance the protection of those accounts.

Ensure your device has a password or pass code/pin to unlock the screen.

This is standard for all phones and tablets that access the Wheaton College email system, as well as all computers set up by AIT.

Ensure your device is encrypted.

Whole disk encryption is used to protect data on your device if it is lost or stolen. AIT is working to ensure all College-owned computers have whole disk encryption. If you would like to be sure your computer is encrypted, please contact the AIT Service Desk.

• Please note that if you are traveling to a country that participates in the Wassenaar Arrangement, you will be able to maintain your full disk encryption. If you are traveling to a country that has not signed on (currently Cuba, Iran, North Korea, Sudan, and Syria) you will likely not be able to travel with an encrypted computer. Contact us to discuss a temporary loaner. 

Once you arrive

Do not save important files on your device. If your device is lost or stolen, that data will be gone forever. Or worse, it may be in the hands of someone who could use it maliciously. Save Wheaton College data to ThunderCloud Storage (powered by Box), which stores data in a secure encrypted format. For personal data, use your preferred cloud storage provider (Google Drive, Dropbox, etc.).

Don't let cybersecurity take a vacation

Continue good cybersecurity practices no matter where you are. Keep in mind:

• Hotel and conference wireless networks are generally insecure. Be careful what data you transmit over insecure networks.
• Assume your data on any insecure network can be monitored, and act accordingly.
• Never let anyone else borrow or use your device. 
• Use a virtual private network (VPN) to access College systems or data.
• Keep your devices physically secure. Do not put them in checked baggage or leave them in hotel rooms.
• Be wary of devices, such as thumb drives, that you receive as gifts, as they could contain malware. Do not borrow any devices, such as thumb drives, for use on your computer.
• Do not install any software updates or patches while you are away from a known, secure network. Update your computer before you travel. 
• Disable broadcast services, including Bluetooth and Wi-Fi when they are not needed. These services have the potential to be used to launch attacks or introduce malware to your device.
• Put a piece of tape over any integrated laptop cameras or disable them in settings.
• Lock your screen or power off your device when you will be away from it.
• Do not plug USB powered devices into public charging stations. Such stations can transfer malware to your device or download data from it. 

Coming home

When you return from traveling, contact the AIT Service Desk if you took a College-owned computer abroad. We will scan it for any malware or surveillance software.

We also recommend changing your passwords when you return, especially the passwords for any service you accessed while traveling.

Additional Resources

Resources from the FBI

Safety and Security for the Business Traveler:

• Business Travel Tips
• Safety and Security for the Business Professional Traveling Abroad

Safety for Students Traveling Abroad:

• The Key to US Student Safety Overseas 
• Safety and Security for US Students Traveling Abroad

Resources from the State Department

• Traveler’s Checklist
• Worldwide Caution List
• Alerts and Warnings
• Websites of US Embassies, Consulates, and Diplomatic Missions
• What to Do During a Crisis Abroad
• Students Abroad
• Faith Based Travel Information

If you have any questions or concerns, please contact Academic and Institutional Technology at ait.service.desk@wheaton.edu or call 630.752.4357 (HELP).