Page Menu

Travel Guidance

If you are travelling abroad, here are some steps you should take to protect your data.

Potential Risks:

Theft of data, including proprietary research, patient data, personally identifiable information, etc.
Theft of information resources including laptops, smartphones, tablets, flash drives, CD’s etc.
Physical damage to devices as the result of accidents.
Political unrest, natural disasters, health concerns (epidemic) in the host country.
Exposure to vulnerable and poorly secured public WiFi networks such as hotels, airports, restaurants, coffee shops, etc.
Risk due to unfavorable international data protection/security regulations, e.g., the use of encryption software.

Before you Leave:

Know your destinations cybersecurity laws and practices by researching the destinations security reputation, alerts, and US government bulletins.
Install updates to your software and operating systems to prevent exploitation. This includes ant-virus/anti-malware, operating systems, and applications. Apply all available updates to your computer and phone before departure.
Change your password and use different passwords for different accounts.
Use a strong pin code on your phone (6 digits recommended) and apply automatic lockout settings (where your phone requires a pin/authentication to unlock after a period of idle time).
Backup your data to a device and store it securely – assume that all data you bring will be lost.
Sanitize your devices to clear them of documents/media that could be perceived as provocative or inflammatory by certain governments.
Travel lean. Bring only those devices and data that is absolutely needed.
Download and set up device manager such as Find my iPhone/iPad/Mac or Find my Device (for Android). This will allow you to erase data remotely if a device is lost or stolen.
Ensure your computer is encrypted. UMass Chan Medical School devices should be encrypted per UMass Chan policy.
Test your computer VPN connection to ensure secure communication. Travel to certain High-Risk destinations will prohibit VPN connections back to UMass Chan Data Centers.

During Travel:

Security at the destination country will mainly depend on the traveler’s security awareness and commitment to protecting data and information resources. The following are some safeguards to ensure information security:

Power off your phone and computer when not needed. At a minimum, disable WiFi and Bluetooth capabilities when not in use (airplane mode does not always disable Bluetooth).
Disable location services when not needed.
Do not enter your credentials into public computers, e.g., internet cafes, hotel or business center workstations, airport workstations. If you do, quickly change your credentials.
Do not plug in untrusted accessories such as flash drives, CD’s, SD cards etc.
Do not charge your computer or phone using a public kiosk or any other public charging station.
Connect to HTTPS websites only.
Use VPN Software to establish a secure network connection.
Do not use public WiFi on your phone.
On your phone, only access email and other Microsoft O365 products via the Microsoft app (using multi-factor authentication).
Never open unknown email attachments or links.
Do not store any sensitive data on your phone.
Do not leave devices unattended. Keep your phone on your person at all times.
Clear Internet browsing sessions after each use.
Immediately report a stolen or lost phone or computer to Information Security.
Report incidents if you believe that your device or confidential information may have been compromised. https://umassmed.edu/it/security/security-strategy/report-a-problem/

Upon Return:

Change your password.
Run antivirus software scan.
If returning from a High-Risk destination, reach out to UMass Chan IT to ensure your devices are free from anomalous software and malware.

For additional information, please visit the International Support Services Page.

University Of Massachusetts Travel Policy:
The policy can be found here: T22-066 Travel Policy_Final 5.19.23.pdf

External resources:

U.S. Office of Counterintelligence advice on overseas travel with personal devices
U.S. State Department guidelines for protecting business information overseas
Wellabroad.com/travel-warning-feeds/

How to install updates:

1. On your Taskbar, click the arrow that expands your hidden applications.

2. Navigate this selection and find your security applications i.e. McAfee, Windows Defender. (You may have to perform a search in the Search Bar on the Taskbar to discover certain security applications. Use key words like "anti-virus" or "anti-malware")

3. Explore these applications and you will easily find options to update any software that might be out of date.

How to check if your computer is encrypted:

Navigate to your Taskbar.
Click the arrow that expands and displays all hidden icons.
Locate the security software installed on your computer, in this case it is McAfee.
Right click the application icon and hover your mouse over where it says "Quick Settings", then proceed to click "Show Drive Encryption Status". A window will then pop up and display the status of your security system.
Confirm your computer is encrypted with the IT Helpdesk. (Be aware that some countries restrict encrypted devices.)

Test your VPN connection

1. Navigate to your task bar. Expand hidden applications.

2. Locate the application named "Pulse Secure". Right click it and open it.

3. A panel will pop up and it will show if you're connected or disconnected.

You can also edit your connection here as well. To do so, follow the these steps:

1. With the Pulse Secure application panel open, click the pencil icon. A separate panel will open for you to input information.

2. The first text box should be inaccessible and read "Policy Secure (UAC) or Connect Secure (VPN)".

3. In the second text box called "Name", type "UMMS" without quotations.

4. Under Server URL, type the following: remote.umassmed.edu

5. Click Save.

How to Run an anti-virus scan:

Go to your Taskbar, expand the hidden icons and locate McAfee.
Right click the application icon, then hover your mouse over "Manage Features"
Under this category there should be the option "VirusScan Enterprise". Click it.

Menu with manage features selected, VirusScan Enterprise selected in sub menu

4. You may be prompted with a message about making changes to your PC. Click "Yes" to proceed.

5. The VirusScan console window will then appear. Under the list of choices, right click "Full Scan" and then click Start. The virus scan will then begin. This process can take several minutes.

Report any incidents or suspected incidents to Information Security