- 5 minutes to read
- Last updated January 26, 2016
This checklist will help you keep your accounts, devices and data safe when traveling abroad.
Before you go
Consider taking a rental device rather than your personal equipment. This will limit the amount of data at risk should your laptop or phone be lost, stolen or searched. PC and Macintosh laptops with appropriate up-to-date security protections are available for checkout from DoIT. Cell phones are also available. Devices available for checkout is limited so reserve as soon as you can.
If you can not take a loaner device, sanitize your device by backing up the information and remove all information not needed during your travels. Ensure up-to-date protections for anti-malware, security patching and firewalls.
Take the minimum amount of information needed for your travel. Do not take sensitive information (electronic or printed) with you as you travel. Evaluate the sensitivity of the information you are considering taking by knowing in many countries/cultures there is no expectation of privacy. Backup all information you do take and leave the backup at work. Remove all external storage media (e.g. CDs, USBs, etc.) from the computer before you travel.
Do not use the same login credentials for University and personal business. Where possible, ensure passwords for sensitive enterprise systems (e.g ISIS, HR, etc) are not the same as self-service passwords (e.g. email, calendar, myuw, etc.) Make any necessary password changes warranted by this review, particularly for systems you will be accessing while abroad.
During your stay
Eavesdropping is routine in some countries. Limit electronic and face-to-face discussion of sensitive information. If possible, wait to discuss sensitive matters upon return or using a known secure mechanism.
Do not use computers or faxes at foreign hotels or business centers for sensitive matters. Do not allow foreign storage devices e.g. USB, CDs, etc. to be connected to your computer or phone.
Do not leave these devices unattended e.g in your hotel room, in hotel safes, in your checked baggage, or do not ask someone to watch for you.
Turn off Bluetooth and Wifi capability on your device when you are not using. Consider turning off your cellular phone when it is not in use and particularly if you have a data plan enabled.
This is particularly advisable in countries where there is no expectation of privacy. See the U.S. State Department’s web site for country specific issues. In general, when accessing University systems minimize the length of time and amount of information accessed. Use VPN whenever possible to connect to campus resources, unless you are in a country that doesn’t allow encryption.
Report loss or theft of information or electronic devices to firstname.lastname@example.org
Upon your return
Return the loaner laptop to DoIT for analysis and cleaning. If you took your personal computer, we highly recommend that the laptop is analyzed for malware, unauthorized access and if necessary re-built before next use. DoIT can assist in this effort.
Consider changing passwords for all systems you accessed while traveling.