- Planning for a safe travel with digital devices requires you to analyze the risk to critical data versus your business needs.
- Ask yourself what data and services do I have access to and how can I protect it.
- More is not better - if you have to take your device have the device rebuilt and only take minimal data you will need for the trip. Very important that you do not take documents that contain high risk data. Consult with Help Desk
- ALWAYS Encrypt your data. Make sure your device has been encrypted and your data has been backed up.
- Keep your operating system and software up-to-date
- Travel Light - Leave your current devices home and only take the minimum you need to get your work done. Find out about loaner travel devices that can be checked out.
- Never take a USB device; they can be easily lost or stolen and infected.
- See if your voicemail can be forwarded to your email so that you don't have to use your passcode or incur additional costs.
- If you are taking a mobile phone, see if international rate plans are available to avoid roaming charges.
- Avoid taking your work or personal phone. Back up your data and reset to factory defaults if you have no choice. When possible use a different phone, like a burner phone if possible.
- Know the high risk countries. Check the U.S. Department of State Travel Advisories
When you travel, your computer and internet habits can put your privacy and data security at risk. This site provides steps that you should take before you travel, whether you travel in the US (Domestic) or outside the US (International).
The chance that your system will be compromised while traveling is small, but the impact of a compromised system can be significant especially if you reconnected to the Weber State Universitynetwork.
Minimum Travel Checklist
- Use WSU's Virtual Private Network to access company resources.
- Be aware of your surroundings make sure no one is shoulder surfing while you are working on your device.
- Never leave your device unattended.
- Never use any unknown devices such as USB device on your system.
- Use two-factor authentication
- Do not use kiosk chargers as there may be a hackert at the other end of that wire.
- Know what travel advisory level 1-4 mean and make sure you check for alerts as often as possible. U.S. embassies and consulates abroad issue Alerts to inform U.S. citizens of specific safety and security concerns in a country, such as demonstrations, crime trends, and weather events. Stay connected enroll in the Smart Traveler Enrollment Program (STEP)
- If your device is lost or stolen contact IT Service Desk and your supervisor immediately.
- Report any compromise to your device to Information Security Office and the IT Service Desk at email@example.com and firstname.lastname@example.org or call 801-626-6192 or 801-626-7777.
- Scan for malware before reconnecting to WSU's network.
- Change your password
- Change your voicemail passcode
- If you created documents when your traveled, after ensuring they are safe, move them to another device and wipe your computer to restore device to the state before travel.
- Do not connect your device to the network until you are sure it is safe. You will want to restore your device to a state before you left for your trip. Work with IT Service Desk.
Recommended Best Practice for Secure Travel
1. Remove any information you do not need on your device for the trip.
If your laptop is lost or stolen the potential for exposing your data while the laptop is not in your control is a high risk. By removing data that is not needed for the trip you minimize that exposure.
2. Update your operating system, data protection software, and other applications.
By updating all your applications and operating system, you are reducing the risk of potential vulnerabilities being introduced to your system.
3. Image the device or backup your data.
If your system gets compromised you will have a good backup to recover all your data. Plus your image file will have a record of what data may have been exposed. This is vital when reporting a compromised system.
4. Encrypt all your information using BitLocker to secure your device.
Not only is encrypting a WSU requirement, but you help restrict access to data. Encryption is vital when traveling.
1. Use WSU's Virtual Private Network to access company resources.
Also a WSU requirement, but you also ensure that the applications you are connecting to are also encrypted when you use VPN.
1. Scan for malware
When you scan for malware, you will know whether or not your system was compromised. Especially if it is a keylogger.
2. Identify and extract information collected on trip
By removing data from your trip you are making sure you don't have malware in the system.
3. Wipe the computer clean, reinstall the OS, applications and data.
By installing a clean version of the OS you are preventing any malware from infecting the WSU network. This step should be performed even if no malware is detected because your system could be compromised in other ways.
4. Change your password.
You never know if your account has been stolen, and the only way to ensure you are safe is to change your password. You should always change your password upon returning from travel.