Information security tips for travelers
When traveling for business or for pleasure, many of us find it essential to take a laptop, tablet or smartphone with us to stay connected to our office and family. Since our devices are prime targets for thieves, it's important to understand how to protect yourself, your devices, and personal or university data when traveling. The following tips are designed to help students and employees secure their mobile devices and personal and work-related information while traveling.
Preparing Your Device
- Back up your devices before traveling. Should your device be lost or stolen, your data will be stored safely elsewhere.
- Do not store the backup on mobile media (like a USB drive) and pack it with your luggage! Leave the backup at home or at the office in an appropriately locked container.
- Use a password, passphrase, or passcode on your device, but never store it with the device.
- Enable a firewall on your laptop.
- Install anti-virus software and keep it updated.
- Update and patch your devices with the latest software prior to leaving and after you return.
- Use encryption to protect your personal confidential information on mobile devices.
- Don’t store UM confidential data on your mobile devices
- Employees: Always check with your IT support for help making changes to a university device.
- Bring a minimum number of devices and keep them with you as much as possible
- When using cell phones, stay off the local telecommunications network if possible.
- Foreign intelligence services may tamper with phones via telecommunication networks; avoid roaming on these networks. To make voice calls, consider acquiring a disposable phone in-country or use Skype or a similar applications
- Be wary of wireless networks. Don’t connect to a wireless network you don’t recognize. If you aren’t sure what’s available, ask someone in authority.
- Use only secure networks such as those found in a United States embassy, university or corporate office. Always check with someone you know and who is knowledgeable first.
- Never accept or install software updates of any kind when traveling. Some intruders push malware application updates to hotel network users. It’s better to update your applications before traveling and then avoid updates until you return home.
- If you don’t have your own device, avoid using a public computer for any kind if activity in which you might enter a password, credit card number, or other sensitive data. There is no way to tell if someone before you has infected the machine with spyware, malware, or keylogger software to capture the keystrokes of information you provide while using it.
- If you have no choice but to use a public computer to communicate sensitive information, assume that all information and your login and password you used have been compromised. Keep track of the accounts you had to access and change your passwords immediately when you have access to a trusted computer and network, or contact the IT Central for assistance.
- If possible, bring only clean ‘disposable’ devices, especially when visiting overseas.
- Employees: When you get home, relinquish your loaner devices to your IT support staff. They may wish to perform forensics to determine if the device contains rogue software or hardware.
- Use dual authentication to access your personal email whenever possible
- Change your password frequently
- Don’t do any banking via the Internet; instead, go to a local branch office
- Don’t shop using your credit card online while traveling
- Don’t let anyone else use your device
- Don’t let anyone repair or service your device; you are better off bringing your device home to repair it with a certified dealer
Connecting to the Internet Using "Public Networks"
A public network is a network that is generally open (unsecured) allowing anyone access to it. These networks are available in airports, hotels, restaurants, and coffee shops, usually in the form of a Wi-Fi (wireless) connection. When you connect to a public network, your online activities and data transmissions can be monitored by others, and your device may be at risk to a potential attack. Here are some safety tips when using public networks.
- Avoid entering any personal or confidential information, such as passwords, credit cards, etc., until you have a more secure network connection.
- Limit your use to casual browsing only, e.g., checking the news, looking up restaurant or movie information, or flight information, etc.
- Read, understand, and heed ALL browser warnings you see (i.e. pop-ups.)
- Beware of unusual computer behavior - operating extremely slowly (indication of snooping).
- Consider alternative Wi-Fi connections such as using a cell phone to connect to the Internet (tethering).
NOTE: Some information on this page was adapted from “Seven Tips for Digital Security Overseas” by Richard Bejtlick, 5/23/13, on the M-UNITION Blog