Best Practices When Traveling
Researchers preparing to travel with technology must be aware and heed precautions in the interest of protecting their research data and mitigating potential risks and vulnerabilities in today’s cyber world. The following tips aim to reduce the risk of compromise to personal information, data, and devices while traveling, and in addition, offer some general best practices to help minimize the chances of falling victim to attack or loss while away.
Preparing for your trip: Plan ahead
- Back up your data and information (photos, contacts, documents, data) to a cloud service or external drive that you will be leaving at home. If possible, carry with you a device that is free of any data, documents, or personal information (consider a prepaid burner, or loaner device)
- Consider leaving any unneeded devices and data at home – If you don’t need it, don’t take it!
- Prepare your laptop or mobile device
- Update your operating system, install any available patches and fixes
- Update all of your software applications
- Install and/or update and run your anti-virus and anti-malware applications
- Install and configure full disk encryption software if permitted by the laws of countries you will be traveling to (here is a good list of resources). Both Mac and Windows operating systems have built-in utilities to support this
- Install VPN (virtual private network) software for remote networking. Test before you leave! Run VPN from off-campus, test all essential apps. When connecting via VPN from off-campus there are potential firewall issues that you will want to identify before you leave.
- Set up and use a non-privileged user account on your device (non-administrator account). Only use elevated privileges when absolutely necessary (such as to install new software or perform updates). Root privilege accounts can offer a gateway for malware intrusion
- Enable personal firewall protection
- Make sure your device is configured to meet the UCSD minimum network standards
- Configure the passcode lock feature on your device and keep your device locked any time it is not in use
- Configure the auto-lock feature so it will engage after a short period of inactivity
- Configure a tracking app that is capable of remotely locking, locating, and/or wiping a lost or stolen device (Apple products and Windows 10 have built-in features). This will ensure that your data is safe even if the hardware cannot be recovered
- Use strong passwords or passphrases on all accounts – at least 8 characters with a combination of alpha, numeric, and special characters
- If you will be traveling farther than 100 miles from your campus, register your trip See additional information offered by the UC Office of the President.
- If you are traveling internationally, sign up for travel alerts
- Understand and read up on export control basics, license requirements, and research compliance Contact UCSD’s Export Control Officer to discuss any questions you might have
- Do not expose your personal information on luggage tags. Use tags that conceal the information from public view
While you are away: Be aware
- Never leave your device unattended. Cars, hotel rooms, and check bags are all opportunities for theft. Always store your device in a secure location, such as a hotel safe
- Avoid carrying your data and information on USB sticks. Too frequently these are lost or stolen, they are rarely encrypted, and easily become corrupt
- Never plug in USB sticks, SD cards, or other accessories that are offered to you by others. These can contain malware, ransomware, or viruses that will infect or completely disable your computer, or put your data at risk
- Disable features that seek to auto-connect your device to wifi networks and other Bluetooth devices
- Only connect to wifi networks that are trusted or known. When using unencrypted public wifi hotspots (airport, coffee shop, etc.), be sure you are connecting to a legitimate source (when in doubt, ask a representative of the establishment to verify the network for you) and never conduct sensitive business such as banking or make purchases using a credit card on an unsecured network. Only use secure, encrypted (https://) networks for sensitive business activities
- Turn device wifi off when not in use to prevent attacks by nearby hackers
- Use VPN software when connecting to the Internet whenever possible. This will encrypt all communications and route them through UCSD (although you may experience slower Internet speeds). This creates a secure connection and also allows you to access servers that are otherwise unavailable to off-campus network connections.
- Connect to Eduroam networks when visiting other institutions, if available. Eduroam is a secure network and you can log in to any Eduroam network with your UCSD credentials. See "Eduroam access for UCSD personnel while traveling"
- Computers that are available for public access (libraries, internet cafes, hotel lobbies) are convenient but risky! Never enter personal information (username, password, credit card numbers) on a computer that is publicly accessible. Criminals often use keylogging malware to capture and steal this information. Always clear your browsing history after using a public machine
- Download and use vendor apps whenever possible. They generally authenticate over secure transmission (or locally on the device) rather than exposing your personal information to a non-secure network
- Do not perform any software or operating system updates while you are away. If you are prompted, just wait until you return home
- Note that your electronics are subject to search at the US border (and other countries). See this informative FAQ.
When you return: Staying on guard
- Change the passwords to any sites you visited while you were away
- Back up your data and transfer any newly acquired data to your cloud service or external hard drive for safekeeping
- Install any updates, patches, or fixes necessary to keep your operating system and software applications current