桃瘾社区

桃瘾社区 IT security team using a laptop

International Travel Guidelines

International Travel with Mobile Phones, Laptops or Other Electronic Devices

General Information on International Travel

In most countries you have no expectation of privacy in Internet cafes, hotels, offices, or public places. Hotel business centers and phone networks are regularly monitored in many countries. In some countries, hotel rooms are often searched.

All information you send electronically 鈥 by fax machine, personal digital assistant (PDA), computer, or telephone 鈥 can be intercepted. Wireless devices are especially vulnerable.

Security services and criminals can also insert malicious software into your device through any connection they control. They can also do it wirelessly if your device is enabled for wireless. When you connect to your home server, the 鈥渕alware鈥 can migrate to your business, agency, or home system, can inventory your system, and can send information back to the security service or potential malicious actor.

Malware can also be transferred to your device through thumb drives (USB sticks), computer disks, and other 鈥済ifts.鈥

Transmitting sensitive government, personal, or proprietary information from abroad is therefore risky.

Corporate and government officials are most at risk, but don鈥檛 assume you鈥檙e too insignificant to be targeted.

Foreign security services and criminals are adept at 鈥減hishing鈥 鈥 that is, pretending to be someone you trust to obtain personal or sensitive information.

If a customs official demands to examine your device, or if your hotel room is searched while the device is in the room and you鈥檙e not, you should assume the device鈥檚 hard drive has been copied.

Before You Travel

If you can do without the device, don鈥檛 take it.

Don鈥檛 take information you don鈥檛 need, including sensitive contact information. Consider the consequences if your information were stolen by a foreign government or competitor.

Back up all information you take; leave the backed-up data at home.

Seek official cyber security alerts from: www.onguardonline.gov and www.us-cert.gov/cas/tips

Prepare Your Device

Create a strong password (numbers, upper- and lower-case letters, special characters 鈥 at least 12 characters long). Never store passwords, phone numbers, or sign-on sequences on any device or in its case.

Change passwords at regular intervals (and as soon as you return).

Download current, up-to-date antivirus protection, spyware protection, OS security patches, and a personal firewall.

Update your web browser with strict security settings.

While You're Away

Avoid transporting devices in checked baggage.

Use digital signature and encryption capabilities when possible.

Don鈥檛 leave electronic devices unattended. If you must stow them, remove the battery and SIM card and keep them with you.

Don鈥檛 use thumb drives given to you 鈥 they may be compromised. Don鈥檛 use your own thumb drive in a foreign computer for the same reason. If you鈥檙e required to do it anyway, assume you鈥檝e been compromised; have your device cleaned as soon as you can.

Shield passwords from view. Don鈥檛 use the 鈥渞emember me鈥 feature on many websites; re type the password every time. This is especially important when using public or shared devices

Be aware of who鈥檚 looking at your screen, especially in public areas.

Terminate connections when you鈥檙e not using them.

Don鈥檛 open emails or attachments from unknown sources. Don鈥檛 click on links in emails. Empty your 鈥渢rash鈥 and 鈥渞ecent鈥 folders after every use.

Avoid Wi-Fi networks if you can. In some countries they鈥檙e controlled by security services; in all cases they鈥檙e insecure.

If your device or information is stolen, report it immediately to the Information Security Office (ISO@pace.edu)

When you return

Change your password.

Have your 桃瘾社区 ITS examine the device for the presence of malicious software.