Best Practices when Traveling with Technology
When traveling with technology, whether on University business or personal, there are many considerations you should plan for in securing electronic devices during your travels. This document contains some best practices in securing University owned or personal electronic devices during your trip. The US government has many resources available to help travelers prepare for their travels. Below are some examples:
Even though the above sites are specific for international travel, the same security precautions are recommended even with travel within the United States.
Best Practice 1: Leave your personal or university-owned electronic devices at home
In some countries, your computing devices could be confiscated and taken out of your sight and control. There have been reported cases in which spyware software was installed on devices without the owner’s permissions or knowledge. Therefore, it is recommended that you check out one of the ENS loaner laptops for your travels. ENS can ensure that any software you need during your travels is installed prior to your departure. ENS laptops will also have the latest antivirus program installed and enabled, as well as VPN software to securely connect to internal CSU network services.
For cell phones, if possible, consider purchasing a temporary cell phone or tablet in the foreign country to use during your stay.
Click on the link to check out a laptop from ENS.
Best Practice 2: Change your passwords before your travel date
We recommend that you change your Engineering and/or EID passwords to a temporary one during your travels. This will protect you against the possibility of your password being stolen when using unsecured public Wi-Fi spots as well as hotel provided Wi-Fi services. Once you return from your trip, you can reset your Engineering and/or EID passwords.
Best Practice 3: Back up your data and leave it at home
Never store any sensitive (work or personal) data on your electronic devices (laptops, tablets and smart phones) that you take with you on your travels. We recommend that you keep all sensitive data stored on Engineering internal network file shares such as your U: drive. This will protect you from data loss, in the event of the loss or theft of your electronic devices, since there will be no sensitive data on them. You can always access your data through a secure VPN connection.
Even better, consider using a Mobile Desktop, when you know that you will have a high-bandwidth Internet connection. That way, all computing and file storage is done on a server stored at CSU, and no data is ever actually on the laptop or mobile device you use. Click on the link for more information on the Mobile Desktop.
Best Practice 4: Avoid accessing sensitive sites on unencrypted Internet services such as internal hotel Wi-Fi services or public Wi-Fi spots.
Always assume your Internet activity is being watched, whether traveling abroad or within the United States. If you need to access a site that stores sensitive information, be sure to first establish a secure internet connection using VPN and access those sites via the https (versus unencrypted http) protocol.
Best Practice 5: After returning from foreign travel, do not use the device until it has been properly reviewed
There is a strong possibility that your computing device will be infected with a computer virus or malware when traveling abroad. Therefore, the device should be scanned for viruses, malware, and any other unexpected software before being used after returning home. ENS provides this service for university-owned devices. In some cases it may be necessary to wipe and reinstall the operating system as a precautionary measure against unseen tampering or infection.
If given a device as a gift, allow ENS to review it before using it. Also, do not use USB devices given to you in a different country until the USB drive can be scanned for malware.
Best Practice 6: Sharing data with foreign nationals should be reviewed by the CSU Export Control Office
If you will be sharing sensitive data, you should contact the CSU Export Control Administrator to ensure the data is cleared of any copyright or government security restrictions.
CSU Export Control Administrator: Scot Allen (scot.allen @ colostate.edu), 970-491-1563
Please contact the Engineering Network Services (ENS) Help Desk with any questions or special requests with regard to technology
This document last modified Monday January 25, 2016