Before you go...
- If traveling with University data and/or IT resources, consult with the Office of Export Control for requirements and current travel restrictions that could endanger those assets.
- Additionally, international travel is subject to the University Policy on Faculty and Staff International Travel and requires registration.
- Consult with your local support partner (LSP) and/or Information Security for assistance in securing any University-owned or managed electronic devices (e.g., smartphones, laptops, tablets, etc.) being taken abroad.
- If possible, do not take your work or personal devices with you, particularly if traveling to non-democratic countries. One possibility is to use a temporary device, such as an inexpensive laptop and/or a prepaid "throw away" cell phone purchased specifically for travel. You could also create a "throw away" email account for use only on the trip. Delete the account when you return.
- Be sure to password or passcode protect (passcode refers to mobile phones) the device, but do not use the same passwords/passcodes that you use on your work and personal devices. Consider using a sentence or passphrase that's easy to remember.
- If you must take your electronic devices with you, secure yourself with the following steps:
- Only include information on the device that you will need for your travel
- Encrypt your hard drive to protect your data
- Make a full backup of your device and leave it at work in a secure location.
- Ensure that either your LSP or another appropriate member of your department can access the secure location if needed
- Be sure that any device with an operating system and software is fully patched and up-to-date, along with up-to-date security software. Check with local support technicians or your department to ensure you have the latest patches.
- Make copies of your passport, airline tickets, driver's license, credit cards and any other document you take with you. Leave one copy at home.
- Register with the State Department's "Smart Traveler Enrollment Program" They will also suggest establishing emergency points of contact.
- Obtain the phone number and address of US Embassy and Consulate for country(s) you plan to visit.
- You might also want to read this New York Times article about some things to consider when planning out your trip abroad.
While you're there...
- Assume that anything you do on any device, particularly over the Internet, will be intercepted. Encrypted data may be decrypted In some cases.
- Turn off devices when not in use. Do allow them to be in "sleep" or "hibernation" mode when they are not in active use.
- Minimize the data contained on the device. This is particularly true of logins and passwords, your personal information, and any sensitive data. See UVA’s policy regarding this.
- Never use shared computers in public areas, hotel business centers, or cyber cafes, and never use devices belonging to other travelers, colleagues, or friends.
- Avoid the use of "free" WiFi, which allows for data (and password) interception.
- Keep your passport, other travel documents, credit cards, etc., as well as your electronic devices, with you at all times during your travel. Do not assume they will be safe in your hotel room or in a hotel safe.
- Do not draw attention to yourself, invite strangers into your room, leave drinks unattended or carry large amounts of cash. Use only authorized taxis.
- Be aware of new acquaintances who probe for information. Avoid long waits in lobbies and terminals. Be aware of your surroundings at all times.
When you return...
- If you used a temporary device, immediately discontinue use. Reformat the hard drive of any device you used, and reinstall the operating system and other related software, or dispose of the device properly.
- Delete the "throw away" email account, if you created one for the trip.
- Change any and all passwords you may have used abroad.
- Report any unusual circumstances to the FBI.