Travel may expose you to some special data security risks. Before you travel, please review the following recommendations in order to avoid inconvenient or unpleasant incidents. If you are traveling abroad, please read our recommendations for international travelers as well.
Before You Leave
- Minimize the number of devices you take with you. Extra laptops, tablets, or smartphones you will not absolutely need on your trip only increase the risk that something will be lost or stolen.
- Remove any private or confidential data you do not want anyone else to see. If you need any of this data for your trip, saving it in cloud storage provides you with an extra layer of password protection if a device is stolen and means that the data will remain available to you even if you lose the device.
- Perform a full backup of all devices before you leave to make sure you will not lose important information if any devices are stolen or lost.
- Make sure all of your devices are secured with a strong password and encryption.
- Configure full disk encryption
- Create a password at least four characters long for your mobile devices. If your devices support longer passwords, use the maximum characters permitted to decrease the odds that someone can break the password.
- Set different passwords for multiple devices or applications. Consider setting new passwords for your devices and for key applications for the duration of your trip, and change them again when you return.
- Configure your devices to wipe automatically after a set number of failed login attempts. Review the instructions for wiping your device remotely in case it is lost or stolen.
- Confirm that all your device operating systems, antivirus programs, and other software are up to date with the latest security patches.
- Carry only essential identification documents and credit cards. Leave the rest in a secure location at home.
- Inform banks and credit card companies of your travel plans, including all dates and locations on your itinerary. This will help them monitor for fraudulent activity and help you avoid the inconvenience of flagged transactions and declined payments when you are making legitimate purchases.
While You Are Traveling
- Use the UChicago VPN connection as much as possible. When you cannot use the UChicago VPN, be sure to use secure (https://) connections when working online.
- Use a non-administrator account on your computer unless absolutely necessary to prevent unauthorized system access when using public networks.
- You should always consider Wi-Fi networks and computers at cyber cafés to be insecure, and always use a VPN when you use them. If VPN is not available, keep your sessions short and do not access private or confidential data, or use sensitive accounts such as banking or credit card accounts.
- Use airplane mode to keep your device wi-fi connectivity suspended in public spaces unless you are actively working online.
- Disable wireless when not in use. Ad-hoc wireless or wireless file sharing such as Apple AirDrop can inadvertently provide direct access to your device.
- Do not loan your device to anyone.
- Do not leave your device unattended.
- When using your device, stay aware of the people around you. Be careful not to give anyone the opportunity to snoop what you are reading on your screen or typing on your keyboard, especially if you need to use a password.
- Disable Bluetooth or set it to Hidden, not discoverable to further protect your device from unauthorized access.
- Do not attach unknown removable media such as thumb drives to your devices, and do not allow anyone else to plug your removable media into their devices. This is a notorious vector for viruses, malware, and spyware.
- Do not click on suspicious links or system prompts while you are browsing the web or checking your email.
- Report lost or stolen devices to local authorities and IT support as soon as possible. This is the best way to protect your data and recover your device.
- Use secure ATMS in public areas during daylight hours. Conceal PIN entry and cash output from view as much as possible.
- Consider purchasing a SIM card or cell phone from a local provider for use during your stay. This adds a layer of anonymity and enhances your privacy and security.
After You Return Home
- Return any loaner devices.
- Have your devices, thumb drives, and any other removable media scanned for malicious software. Do not connect any devices or media to a network until they are tested!
- If you discover any malware infection, reformat and rebuild with help from your local IT support desk, and restore your data from backups.
- Inform your bank and credit card companies of your return. Be sure to review all of your financial transactions for suspicious activity.