Travel Guidance


If you are travelling abroad, here are some steps you should take to protect your data. 

Potential Risks:

  • Theft of information, including proprietary research, patient data, etc. and information resources including laptops, smartphones, tablets, Flash drives, CD’s etc.
  • Physical damage as result of accidents
  • Political unrest, natural disasters, health concerns (epidemic) in host country.
  • Exposure to vulnerable public networks e.g. hotel network, airport, restaurant networks which has light security in-depth.
  • Risk to unfavorable international data protection/security regulations, e.g. the use of Encryption software.

 

Before you Leave: 

  • Know your destinations IT security law and practices by researching the destinations IT Security’s reputation, alerts and US government bulletins.
  • Install updates to your software and operating systems to prevent exploitation.  This includes ant-virus/anti-malware, operating systems and applications. 
  • Change your password, and use different passwords for different accounts.
  • Backup your data to a device and store it securely – assume that all data you bring will be lost.
  • Sanitize your devices to clear them of documents/media that could be perceived as provocative or inflammatory by certain governments
  • Travel lean.  Bring only those devices and data that is absolutely needed.
  • Download and set up device manager such as Find my iPhone/iPad/Mac or Find my Device (for Android).  This will allow you to erase data remotely if a device is lost or stolen.
  • Ensure your computer is encrypted. UMASS Medical School devices should be encrypted per UMMS policy.     
  • Test your VPN connection to ensure secure communication.

During Travel:

Security at the destination country will mainly rest on the Users security awareness and commitment to protect data and IT resources. The following are some safeguards to ensure information security:

  1. Power off your device.  At a minimum, disable WiFi and Bluetooth capabilities when not in use.
  2. Do not enter your credentials into public computers, e.g. internet cafes, hotels business center work stations, airport workstations. If you do, quickly change your credentials.
  3. Do not plug in untrusted accessories such as flash drives, CD’s, SD cards etc.
  4. Do not charge your device using a public kiosk
  5. Connect to HTTPS websites only
  6. Use VPN Software to establish a secure network connection.
  7. Do not leave devices unattended
  8. Clear internet browsing sessions after each use
  9. Immediately report a stolen or lost phone or computer to Information Security.
  10. Report incidents if you believe that your device or confidential information may have been compromised. https://umassmed.edu/it/security/security-strategy/report-a-problem/

Upon Return:

  1. Change your password
  2. Run antivirus software scan

For additional information, please visit the International Support Services Page.

External resources: