Skip to content

IT Guidance

An international trip can present unique cybersecurity challenges for members of the UC community. Inevitably, travelers abroad will connect their devices to networks in a variety of unfamiliar places. These connections may expose your data or devices to malicious entities, people, or software. For example, working abroad often means that your device(s) will connect to public networks in hotels, airports, train stations, and at conference venues, either at other universities or elsewhere. Some of these networks employ minimal security measures or are monitored by governments. They can harbor malware from cybercriminals, including nation-state actors, who target academic and business travelers. These actors often seek to steal intellectual property and/or compromise individuals or their institutions. Intelligence agencies and independent actors target higher education travelers specifically.

To protect data and devices, both professional and private, certain precautions are required before, during, and after your trip. In addition to data security safeguards, international travelers also need to consider US export control laws and import restrictions imposed by destination countries.

Workforce Members should follow the guidelines listed below. Location guidelines, when available, also apply.

Before

Leave the data and/or device at home. The best way to safeguard data or devices is to not bring them on the trip. If the data stored on your device is not essential to your trip, leave the device in a secure location (home/work) and bring along a loaner device instead. Consult your technical support staff to see if there’s an option to borrow a loaner device for your trip. Assume any device and data taken on the trip can and will be accessed.
Backup the data. You should always backup your data. In case you lose your device or malware corrupts your data during the trip, a reliable backup allows recovery of your data.

Install and configure the Location’s VPN software. VPN software protects against eavesdroppers on networks during your trip. Note: some countries prohibit the use of VPNs that prevent government monitoring.

Ensure the device follows UC’s security controls for everyone and all devices: https://security.ucop.edu/policies/security-controls-everyone-all-devices.html
Note: If your device is lost or stolen, device encryption is the best protection. Some countries restrict the use of imported encryption software, so research the software import laws of your destination country. If you are not able to use encryption software at your destination, please strongly consider leaving your data and device at home. Note: some countries can force you to decrypt data.
Keep tabs on your device. Consider installing a “find my device” app.
Plan your connection method. Consider activating the appropriate international calling and data options under your plan. Set up an EDUROAM network connection before you leave.
Implement multifactor authentication. Set up multi-factor authentication for your accounts. Check with your location for guidance on configuring MFA and one-time/backup codes.
Use a webcam and screen cover. Covering your webcam is can protect your privacy. Privacy screens prevent others from shoulder surfing.

 During

Do not leave your device unattended. Physically having control of your device is the easiest way for someone to access your data. If you ever leave your computer, make sure to secure it. Turn it off completely rather than using sleep mode. This makes unauthorized access more difficult.
Do not use untrusted accessories. Never plug in an untrusted accessory, including charging tools. Additionally, never use gifted or found USB or thumb drives.
Do not enter your credentials on untrusted or public access computers. Public computers, such as those at a hotel business center or internet café, are often poorly managed and provide minimal security protection for users.
Connect only to known Wi-Fi networks. Anyone can create a network and give the network a legitimate sounding name in order lure unsuspecting travelers. These connections allow criminals to capture personal information transmitted through the network. This is especially common at public cafés, hotel lobbies, and airports. When connecting to a network, find out the correct network name from the staff at the business and use that network exclusively. At most universities, you can use the EDUROAM network.
Turn off your Wi-Fi and Bluetooth when not in use. Some devices connect to Wi-Fi automatically. Make sure that this feature is disabled on your device. The best practice is to turn off both Wi-Fi and Bluetooth when not in use.
Use your Location VPN software. VPN software offers a more secure network connection.
Practice safe web browsing. The websites you visit online hold valuable data about you. Do not click through system or application warnings or error messages.
Be aware of targeting social engineering. This can take many forms, such as a dining invitation, shared ride, calendar invite, or an appeal to your helpfulness. Note that providing details about your plans or personal life on social media makes targeting even easier. Avoid providing any travel details online in a publicly accessible format.

After

Reset Passwords Used. On a trusted device that you have access to, make sure to reset the password you used during the trip.
Wipe Temporary Devices. Do not connect the device used on your trip to a protected Location network or your home network. Work with your local IT support team for secure data transfer and wiping of the device.
Delete Unneeded apps. If a temporary device was not used, delete downloaded apps used specifically for your trip if they are no longer required.
Run Anti-Malware Scans. If a temporary device was not used, run full antivirus scans on your device(s).

 

Copyright © Regents of the University of California | Terms of use