Tips for Traveling at Home and Abroad
Don't let security concerns derail your travel plans.
You may not be aware that traveling internationally greatly increases the risk of your information and device data being compromised, whether through theft or intrusion. These risks need to be evaluated, mitigated, and wherever possible avoided. The best way to do this is to plan ahead! In order to protect you, our community, and Rice resources from the risks associated with traveling internationally, the Information Security Office (ISO) recommends that the following specific precautions be taken.
Before the Trip
- Research the international requirements for each country you plan to visit. The State Department has travel safety information for every country on their website (https://www.fcc.gov/consumers/guides/cybersecurity-tips-international-travelers). Some countries have restrictions on encrypted devices. Familiarize yourself with your destination’s laws about technology and check especially for encryption import restrictions. Violating these restrictions can result in your devices being confiscated!
- Plan to take only what you absolutely need. Leave all unnecessary devices or equipment in the US.
- If you must take your data/device with you, follow these guidelines.
- Make sure the operating systems and all applications are patched with the latest available versions.
- Make sure devices have OS appropriate anti-malware packages installed.
- Uninstall unused applications and turn off any unneeded background services since those can be used as possible "back doors" to
get into your system.
- Remove sensitive or confidential information from your devices before traveling. You can safely store data on university servers
for later access.
- Check if your device or devices, including externals such as thumb drives are encrypted. Instructions on how to do that can be
found here: https://kb.rice.edu/page.php?id=72740. Make sure that the password you use to get into your computer is different
from the one you use with your NetID and different from any other services you use. This will protect you in the event you are
required to give up your encryption password at a border check.
- If your destination country allows the use of VPN, use it when you connect to Rice resources. This will create a secure tunnel
protecting your information. As of August 1st, 2018 AnyConnect VPN (https://kb.rice.edu/search.php?q=vpn+anyconnect&cat=0)
is the software to use for this purpose.
- Change your NetID password before traveling and change it again upon return by visiting https://mynetid.rice.edu/.
- Disable all wireless communication technology when not in use. This means Wi-Fi, Bluetooth, NFC, RFID, etc. The simplest and fastest way to accomplish this is by putting your device in airplane mode.
- Power off systems when not in use.
- Turn off "join wireless networks automatically" on all mobile devices. Avoid internet cafes and any wireless hot spots that ask to install any programs or certificates in order to use it.
- Use web-based resources while traveling when available (webmail, rice.app.box, etc.) using AnyConnect VPN.
- Make notes of anything that appears odd or unusual while using your devices.
- Whether using someone else’s or your own computer, never accept patches or updates while in foreign countries.
- If you traveled with your own mobile device or laptop, check for and install any OS or program updates before connecting back onto
Rice campus system.
- If you experienced any anomalies or suspicious activity, report it to the Information Security Office or the OIT Help Desk so that
we can help you investigate. Please provide an itinerary or log of when during your trip these occurred. This can id with investigation.
- Change any passwords used while abroad using a secure and trusted machine. Remember, sometimes a complex and unique
password is the only thing preventing someone access to your information.
Ultimately you are responsible for keeping your risk low and the information and devices you use protected, as laid out by Rice University Policy No. 832 (https://professor.rice.edu/uploadedFiles/Professor/Independent_Pages/Policies/Policy%20832.pdf). You can set your mind at ease about your devices and your data, both personal and university owned, by following these steps.
If you have any questions regarding these recommendations, please contact your department OIT representative, the ISO, or call the OIT Help Desk (713-348-HELP).