Travel to a foreign country presents unique security challenges for Dartmouth faculty, staff, and students. Devices such as laptops, tablets, and smart phones have exposure to potential theft or damage by malicious actors in unfamiliar places like airports, train stations, hotels, or conference halls. Academic and business travelers are high risk targets for identity fraud and theft of intellectual property. Traveling to a foreign country requires extra safeguards to protect your data and comply with regulations.
A Note About Encryption
International travelers should give careful consideration to US export control laws and import restrictions imposed by foreign destinations. Foreign regulations are unclear about encryption and change constantly. The Wassenaar Arrangement provides some guidance.
- Commercial grade encryption is permissible for travel outside the U.S. and for use in most countries.
- Encryption of your device or files may be illegal in your destination country.
Notable exceptions include:
- No Encryption: Cuba, Iran, North Korea, Sudan, and Syria
- May be illegal (Not Recommended): China and Russia. Use clean devices with only the data you need.
- IN ALL CASES: While outside the U.S., if asked for the decryption password by government agents, give it up without argument.
Contents
Before You Go
- Enable security. For all devices:
- Enable encryption. Pay close attention to laws or restrictions for encryption technology in the destination country. See NOTE above.
- Enable PIN or strong password protection.
- Enable auto-lock after inactivity.
- Enable auto-wipe after failed login attempts.
- Enable device location services.
- Enable remote wipe.
- Install or enable anti-virus software.
- Backup all data. Take only the minimum data necessary or contact the Computer Repair Shop to schedule a laptop rental. Please review Backup & Storage.
- Update. Make sure all devices have current operating systems and all applications are up to date with security patches.
- Remove permissions. If your account is a local administrator of your device, work with your Service Desk to remove or restrict any elevated or sensitive permissions. Setup a new account to use while traveling that does NOT have superuser, root, or administrator privileges.
- Go generic. Consider whether or not it’s feasible to use disposable accounts for email, file sharing, and other required services. You can generate a generic email account for travel purposes only.
- Carry-on. Don’t pack devices in checked luggage. Try to keep all devices with you during travel.
While You're There
- Do not leave devices unattended.
- Disable ‘connect automatically’ to wireless network feature or disable wireless connectivity when not in use. Only connect to known WiFi networks.
- Disable Bluetooth, AirDrop, and infrared signals (IR) when not in use.
- Disable cameras and microphones when not in use. Tape over cameras.
- Enable host based firewalls.
- Use a Virtual Private Network (VPN). You can use GlobalProtect to connect to Dartmouth's VPN.
- Avoid using third party accessories. Do not connect foreign USB/flash drives, charging cables, or SD cards. Pack all peripherals needed during the trip.
- If your device has a removable battery, remove it when not in use.
- Be aware of your surroundings. Avoid working on or conducting sensitive business in cafes, coffee shops, or lobbies. Equally, do not work on or conduct business on public computers. Avoid banking or file transfers in Internet cafes.
- Practice safe browsing. Make sure websites begin with HTTPS and you can verify the identity of the site. If you receive pop-ups, prompts, or warnings - assume the site is compromised or traffic is being intercepted. Do not install software or interact with pop-ups. Clear browsing history and cookies when you end your browsing session.
When You Return
- Reset credentials. Change all passwords for all accounts used out of country.
- Scan. Run full anti-virus scans on systems and data before use.
- Monitor. Keep an eye on accounts used during travel. Report any suspicious activity related to your devices or accounts.