Page Menu

Travel Guidance

If you are travelling abroad, here are some steps you should take to protect your data. 

Potential Risks: 

  • Theft of data, including proprietary research, patient data, personally identifiable information, etc.
  • Theft of information resources including laptops, smartphones, tablets, flash drives, CD’s etc.
  • Physical damage to devices as the result of accidents.
  • Political unrest, natural disasters, health concerns (epidemic) in the host country.
  • Exposure to vulnerable and poorly secured public WiFi networks such as hotels, airports, restaurants, coffee shops, etc.
  • Risk due to unfavorable international data protection/security regulations, e.g., the use of encryption software.

Before you Leave: 

  • Know your destinations cybersecurity laws and practices by researching the destinations security reputation, alerts, and US government bulletins.
  • Install updates to your software and operating systems to prevent exploitation. This includes ant-virus/anti-malware, operating systems, and applications. Apply all available updates to your computer and phone before departure.
  • Change your password and use different passwords for different accounts.
  • Use a strong pin code on your phone (6 digits recommended) and apply automatic lockout settings (where your phone requires a pin/authentication to unlock after a period of idle time).
  • Backup your data to a device and store it securely – assume that all data you bring will be lost.
  • Sanitize your devices to clear them of documents/media that could be perceived as provocative or inflammatory by certain governments.
  • Travel lean. Bring only those devices and data that is absolutely needed.
  • Download and set up device manager such as Find my iPhone/iPad/Mac or Find my Device (for Android). This will allow you to erase data remotely if a device is lost or stolen.
  • Ensure your computer is encrypted. UMass Chan Medical School devices should be encrypted per UMass Chan policy.
  • Test your computer VPN connection to ensure secure communication. Travel to certain High-Risk destinations will prohibit VPN connections back to UMass Chan Data Centers.

During Travel:

Security at the destination country will mainly depend on the traveler’s security awareness and commitment to protecting data and information resources. The following are some safeguards to ensure information security:

  1. Power off your phone and computer when not needed. At a minimum, disable WiFi and Bluetooth capabilities when not in use (airplane mode does not always disable Bluetooth).
  2. Disable location services when not needed.
  3. Do not enter your credentials into public computers, e.g., internet cafes, hotel or business center workstations, airport workstations. If you do, quickly change your credentials.
  4. Do not plug in untrusted accessories such as flash drives, CD’s, SD cards etc.
  5. Do not charge your computer or phone using a public kiosk or any other public charging station.
  6. Connect to HTTPS websites only.
  7. Use VPN Software to establish a secure network connection.
  8. Do not use public WiFi on your phone.
  9. On your phone, only access email and other Microsoft O365 products via the Microsoft app (using multi-factor authentication).
  10. Never open unknown email attachments or links.
  11. Do not store any sensitive data on your phone.
  12. Do not leave devices unattended. Keep your phone on your person at all times.
  13. Clear Internet browsing sessions after each use.
  14. Immediately report a stolen or lost phone or computer to Information Security.
  15. Report incidents if you believe that your device or confidential information may have been compromised.

Upon Return: 

  1. Change your password.
  2. Run antivirus software scan.
  3. If returning from a High-Risk destination, reach out to UMass Chan IT to ensure your devices are free from anomalous software and malware.

For additional information, please visit the International Support Services Page.

University Of Massachusetts Travel Policy:
The policy can be found here: T22-066 Travel Policy_Final 5.19.23.pdf

External resources: