IT Service Status
Stay Secure During Travel
Traveling with digital devices is often necessary in order to stay connected while you are away from the office or home. Here are several tips to keep you secure while traveling.
Before You Go
- If a device, credit card, or document isn’t absolutely required for your trip, leave it at home.
- This is especially true for sensitive intellectual property that might have research or commercial value.
- If you must bring a device with you, look into a low-cost or loaner tablet or laptop only to access the Internet and Northwestern resources, including email, instead of taking your daily personal devices.
- If you must bring cards or documents with you, make a copy of these items and store the copy in a secure place. You may want to make electronic copies available to you via OneDrive, SharePoint, Google Drive, or something similar in case the original is lost and access is needed while abroad.
- Consider keeping your data only on a University server and accessing it only through a secure VPN connection. Alternatively, store documents in the cloud with services like Google Docs, DropBox, etc., to facilitate sharing and collaboration without exposing all information to compromise or theft.
- Configure your devices for maximum security while traveling.
- Where possible, encrypt devices prior to travel.
- Install antivirus software on your devices.
- Run all updates to systems and applications prior to travel. Updates and patches acquired from unsecured networks may be malware in disguise.
- Enable any firewalls, screen locks, timeout functions, and automatic wipes you may have disabled while at home.
- Back up any data on devices that will be traveling with you.
- Turn off file-sharing and printer-sharing applications. These can be used to connect to your device.
- Set secure passwords, codes, or screen locks for all devices so information can’t easily be accessed if the device is lost or stolen. Create new passwords on accounts you will need to access while traveling. Disable all “remember me” functions that automatically enter your passwords in applications. Use Multi-factor Authentication where possible.
- When traveling abroad, be aware of updates affecting your personal safety and security, as well as laws in relevant countries regarding the movement of information, technology, software, and equipment across borders.
- Visit the US Department of State website for your destination country’s safety and security information. Enroll in the US Dept of State STEP program for timely US embassy updates on breaking safety/security news.
- Several countries are subject to US embargoes, and the shipment or transfer of items or information to such countries may be severely limited or banned.
- Some countries restrict the use of encryption within or across their borders, and the US prohibits the transport of encrypted devices to some countries. You may be compelled to share access to encrypted devices by law enforcement or customs personnel, or they may be confiscated upon arrival.
- Many countries have different laws regarding data privacy and the search and seizure of electronic devices. Your data may be monitored or retained when moving across their networks, including Internet, e-mail, and telephone communications. Your belongings may be searched or confiscated during customs inspections, hotel stays, use of taxis/rental cars, etc., with or without your consent or knowledge, and electronic media may be copied.
- If presenting or sharing research, be cognizant of different laws and social norms regarding intellectual property. Members of your audience may be subject to different legal and professional standards regarding reproduction of information or materials.
While Traveling
- Keep portable equipment (cellphones, laptops, flash drives, DVD/CDs, PDAs, etc.) in your possession at all times. If this is not possible, leave these items in a safe or a locked box/bag when unattended.
- Use GlobalProtect VPN on your laptop, smartphone, or tablet to create an encrypted connection to University resources. You can also connect securely when on-campus by using the eduroam network and while at participating eduroam institutions. Unencrypted connections may put your communications at risk.
- Assume that any networks or devices other than your own are insecure. If you must connect to a device or network shared by other unknown guests, do not enter sensitive information (credit cards, bank accounts, passwords, etc.), and do not download updates or new applications.
- Avoid connecting to charging stations that do not involve direct connection to an electrical outlet. Connecting to an unknown USB port can allow the transfer of malicious data to your devices.
- Disable services such as Bluetooth, Wi-Fi, and GPS when they are not needed.
- Be careful about the amount of information you are sharing on social media. You may be providing public answers to your security questions or public information about your absence from home. Lock down your privacy settings and be mindful of who has access to what information.
- Consider using RFID-blocking wallets or bags to protect cards and passports from skimmers.
Back on Campus
- Change the passwords and PIN numbers on any accounts you accessed while traveling. Ensure that you are not reusing the passwords you created for devices and accounts prior to travel.
- Reformat devices that have been used abroad, especially on unsecured networks. Do not copy sensitive information onto a computer that has been overseas and has not been wiped upon return. Do not plug in external drives or devices that were used abroad without reformatting them.