UVM's Information Security Operations Team answers "Why?" Why?security

Traveling Abroad without Making the News (Mobile Tech Edition)

Occasionally, a member of the community approaches the ISO Team to ask for our advice on traveling safely with mobile technology. While individual circumstances (including the nature of the mobile technologies/data in play, the nature of the trip, the particular destination) will dictate specifics, our general recommendations (below) will cover a lot of ground for a lot of folks.

  1. Unless there is a tremendously-compelling reason to do otherwise, leave your normal work machine (with your years of research data, UVM/previous employer’s email, grant proposals, intellectual property, personal finances, countercultural rantings, etc.) at home and take a loaner machine (provided by your Helpful IT Folks) containing only the materials necessary for the trip.
  2. This loaner should be wiped and get a fresh OS install to keep from leaking data belonging to the *last* person who traveled with it…and to keep the new traveler from picking up any *ahem* latent “gifts” acquired by the last user. Set all installed browsers to clear all private data on session termination, and disable (browser-based) password storage.
  3. Make liberal use of webmail.uvm.edu, webfiles.uvm.edu, and sslvpn.uvm.edu while abroad.

These suggestions apply to smartphones/tablets/Google Glass/smart watches/any other device that stores data which could be 1) a liability to the university if lost or 2) embarrassing to the user if confiscated. Or data the export of which is controlled under ITAR rules. (Yes, that applies to Higher Ed.)

[Edit 8 November, 2013: It’s worth considering, too, that not all travel destinations feature the robust freedoms of expression that we enjoy in the U.S., so feel free to substitute/append “…or could precipitate your detention if confiscated and found to be at variance with local law.”]

Why incur this much potential inconvenience? One reason is that humans have a tendency to (subconsciously) downplay the risks inherent in the data they tote around on a daily basis, and while “safe” might cost them an extra few hours over their two-week trip, “sorry” can manifest in more…time-consuming ways.

Incidentally: Simply having the storage encrypted doesn’t suffice in a number of travel zones, as customs officials may be invested with the authority to compel the owner to unlock/decrypt it. (And encryption is illegal in certain jurisdictions.)

Want to share your own tips/travel-tech stories? Got questions? Need to chat about your specific circumstances? Please let us know! As usual, we can be reached at iso@uvm.edu.



Sam Hooker, for the ISO Team

Skip to toolbar