Security and Privacy Tips for World Travelers |
|
April 15, 2014, Volume 60, No. 30 |
Another tip in a series provided by the
Offices of Information Systems & Computing and Audit, Compliance & Privacy
International travel introduces new risks to your data and devices. Below are a few key tips to keep you safe while going global.
Before You Go
• Identify your Local Support Provider (LSP), and let them know you will be traveling.
• Ask your LSP if a sanitized “loaner” computer is available. If not, work with them to conduct a full backup of your system and all its data. Also ask your LSP to confirm that all software is up to date and appropriate security tools (such as disk/device encryption, password locking, location services and remote wiping) are functional.
• Avoid taking sensitive data unless absolutely necessary.
• Encrypt data if it is essential that you take it with you. Users intending to travel to Cuba, Libya, North Korea, Syria, Sudan, Iran or Iraq should contact the Office of Research Services for assistance before exporting Penn-owned equipment.
• Be sensitive to local privacy laws. Contact the Office of Audit, Compliance and Privacy (privacy@upenn.edu) for advice regarding the applicability of international privacy regulations if you will be working with other people’s personally identifiable data.
While You’re Away
• Select WiFi connections that encrypt traffic, are restricted with a password and are provided by a trusted source (University, colleague, hotel, etc.) whenever possible. Use encrypted services whenever in doubt (e.g., HTTPS over HTTP) when web-browsing.
• Avoid accessing sensitive websites from public computers, such as at Internet cafes, as their security is highly unreliable.
• Keep mobile devices on your person or in a locked safe whenever possible. If your device is stolen, notify your LSP immediately. See Penn’s Top 10 Security Tips for Smartphones & Tablets for other key measures: www.upenn.edu/computing/security/checklists/Top10/
When You Return
• Work with your LSP to securely transfer any data, and scan your system for malware.
• Consider changing any passwords (e.g., your PennKey) that were used while you were abroad.
• Please note that some software and data may be subject to Export Control Regulations. See www.upenn.edu/researchservices/exportcontrols.html
• Contact your Local Support Provider (LSP) or ISC Information Security at security@isc.upenn.edu for additional assistance. Safe travels.
For additional tips, see the One Step Ahead link on the Information Security website: www.upenn.edu/computing/security/ |