Safe computing when traveling abroad

Last updated January 26, 2016

Is there a trip abroad in your future? Read this to find out while preparing to leave, when out of the country and upon your return how to keep your accounts, devices and data safe.

Getting prepared

This is an accordion element with a series of buttons that open and close related content panels.

Generate backup passcodes for future use

Generate a back-up or temporary MFA code so you do not need your MFA device to connect to the network.

Reserve a loaner device

Consider taking a loaner device rather than your personal equipment.  This will limit the amount of data at risk should your laptop or phone be lost, stolen or searched. PC and Macintosh laptops with appropriate up-to-date security protections are available for checkout from DoIT.

Prepare your laptop/tablet for travel

If you can not take a loaner device, sanitize your device by backing up the information and remove all information not needed during your travels.  Ensure up-to-date protections for anti-malware, security patching and firewalls. Be sure to empty your Trash/Recycle Bin and enable screen lock and timeout functions prior to travel. Also make note of your laptop’s serial number.

Minimize the information you take with you

Take the minimum amount of information needed for your travel.  Do not take sensitive information (electronic or printed) with you as you travel. Evaluate the sensitivity of the information you are considering taking by knowing in many countries/cultures there is no expectation of privacy. Backup all information you do take and leave the backup at work.  Remove all external storage media (e.g. CDs, USBs, etc.) from the computer before you travel.

Review university and personal passwords

Do not use the same login credentials for university and personal business. Where possible, ensure passwords for sensitive enterprise systems (e.g SIS, HR, etc) are not the same as self-service passwords (e.g. email, calendar, myuw, etc.). Make any necessary password changes warranted by this review, particularly for systems you will be accessing while abroad.

Familiarize yourself with local laws and security

Is the country you are traveling to on the sanctioned or embargoed country list?

Visit the U.S. State Department’s web site to obtain information about the safety and security of the country you are visiting and to enroll in the Smart Traveler Enrollment Program (STEP). You can also go to the International Safety and Security Director’s (ISSD) site for valuable resources, links, and information to help you plan safe and secure travel abroad.

Contact your mobile phone service provider

Contact your mobile phone service provider and ask what they recommend for international cellular service while traveling.

During your stay

This is an accordion element with a series of buttons that open and close related content panels.

Have no expectation of privacy

Eavesdropping is routine in some countries.  Limit electronic and face-to-face discussion of sensitive information.  If possible, wait to discuss sensitive matters upon return or using a known secure mechanism.

Treat electronic devices as compromised

Do not use computers or faxes at foreign hotels or business centers for sensitive matters.  Do not allow foreign storage devices e.g. USB, CDs, etc. to be connected to your computer or phone. Do not download new apps or allow your operating system or existing apps or programs to update. Do not click on links in messages or use links to move from internet site to site.

Keep electronic devices in your physical possession

Do not leave these devices unattended e.g in your hotel room, in hotel safes, in your checked baggage, or do not ask someone to watch for you.

Disable devices network capabilities when not in use

Turn off Bluetooth and wifi capability on your device when not in use. Consider turning off your cellular phone when it is not in use and particularly if you have a data plan enabled.

Avoid accessing systems with sensitive or restricted information from abroad

This is particularly advisable in countries where there is no expectation of privacy.  See the U.S. State Department’s web site for country specific issues. In general, when accessing University systems minimize the length of time and amount of information accessed.  Use VPN whenever possible to connect to campus resources, unless you are in a country that doesn’t allow encryption.

Report loss or theft of information or electronic devices to help@doit.wisc.edu

Upon your return

This is an accordion element with a series of buttons that open and close related content panels.

Clean and/or rebuild all electronic devices

Return the loaner laptop to DoIT for analysis and cleaning.  If you took your personal computer, we highly recommend that the laptop is analyzed for malware, unauthorized access and if necessary re-built before next use.  DoIT can assist in this effort.

Change passwords

Consider changing passwords for all systems you accessed while traveling.

Get help

The DoIT Help Desk can also answer any questions you have, or connect you with the right group.

Email the Help Desk