Travel Guidance
If you are travelling abroad, here are some steps you should take to protect your data.
Potential Risks:
- Theft of information, including proprietary research, patient data, etc. and information resources including laptops, smartphones, tablets, Flash drives, CD’s etc.
- Physical damage as result of accidents
- Political unrest, natural disasters, health concerns (epidemic) in host country.
- Exposure to vulnerable public networks e.g. hotel network, airport, restaurant networks which has light security in-depth.
- Risk to unfavorable international data protection/security regulations, e.g. the use of Encryption software.
Before you Leave:
- Know your destinations IT security law and practices by researching the destinations IT Security’s reputation, alerts and US government bulletins.
- Install updates to your software and operating systems to prevent exploitation. This includes ant-virus/anti-malware, operating systems and applications.
- Change your password, and use different passwords for different accounts.
- Backup your data to a device and store it securely – assume that all data you bring will be lost.
- Sanitize your devices to clear them of documents/media that could be perceived as provocative or inflammatory by certain governments
- Travel lean. Bring only those devices and data that is absolutely needed.
- Download and set up device manager such as Find my iPhone/iPad/Mac or Find my Device (for Android). This will allow you to erase data remotely if a device is lost or stolen.
- Ensure your computer is encrypted. UMass Chan Medical School devices should be encrypted per UMass Chan policy.
- Test your VPN connection to ensure secure communication.
During Travel:
Security at the destination country will mainly rest on the Users security awareness and commitment to protect data and IT resources. The following are some safeguards to ensure information security:
- Power off your device. At a minimum, disable WiFi and Bluetooth capabilities when not in use.
- Do not enter your credentials into public computers, e.g. internet cafes, hotels business center work stations, airport workstations. If you do, quickly change your credentials.
- Do not plug in untrusted accessories such as flash drives, CD’s, SD cards etc.
- Do not charge your device using a public kiosk
- Connect to HTTPS websites only
- Use VPN Software to establish a secure network connection.
- Do not leave devices unattended
- Clear internet browsing sessions after each use
- Immediately report a stolen or lost phone or computer to Information Security.
- Report incidents if you believe that your device or confidential information may have been compromised. https://umassmed.edu/it/security/security-strategy/report-a-problem/
Upon Return:
- Change your password
- Run antivirus software scan
For additional information, please visit the International Support Services Page.
External resources:
- U.S. Office of Counterintelligence advice on overseas travel with personal devices
- U.S. State Department guidelines for protecting business information overseas
- Wellabroad.com/travel-warning-feeds/