University employees who travel to foreign countries with laptops, phones and other mobile devices are subject to risks. These recommendations should be used as a guide to reduce the risks, such as loss, seizure or tampering.
- Configure a password to log in to any devices you are taking. A password prevents others from accessing your data if your device is lost or stolen. See password guidelines.
- Do not store sensitive data, e.g. social security numbers, FERPA data, credit card numbers, etc. on any devices you are taking with you.
- Do not copy sensitive data to memory sticks or other easily lost media.
- Do store data you may need to access on your trip in your WMU Google Drive space.
- Encrypt your devices to protect your data. Your college IT support person can help you with this.
- Set Wi-Fi to "not automatically connect to Wi-Fi" on all devices capable of wireless connections.
- Do not update your computer while connected to a public or hotel wireless network.
- When connecting to the Internet, do so by using the WMU VPN, or, eduroam if it is available.
- Disable Bluetooth on your laptop, mobile phone, and other devices.
- Set your mobile device to be wiped after 10 login attempt failures. Backup your device before traveling, in case your device is wiped.
- Upon return, immediately change your Bronco NetID password and any other passwords used while traveling.
If you are asked by an airport or other security officer to start your device to prove that it works, start your device and enter your password yourself. If the security officer requires that you provide the password to them, do so, but immediately change the password afterwards, or as soon as possible. If your device is taken out of your sight, be very cautious about using it.
Travel to China, Russia, and other high risk or export control countries
Traveling with IT devices to some countries, most notably China and Russia, is considered high risk. The U.S. government has issued several advisories that travelers be aware they could be targets of espionage activities when visiting these countries.
- Take a loaner laptop and phone. Do not travel with your own mobile devices as there is a high probability they will be subject to compromise and tampering. See your college IT support person for assistance with that.
- Do not use USB drives, external storage devices, CDs, DVDs or other media supplied in high risk or export control countries and do not bring these devices back to WMU.
- Do not travel with encrypted devices to China unless you have advance approval. China severely restricts the import of unapproved encryption. If you attempt to cross the border with an encrypted device, you may be asked for the decryption key or your device may be confiscated.
- The U.S. government prohibits traveling with encrypted devices to countries that are considered to support terrorism, namely Cuba, Iran, North Korea, Sudan and Syria. Do not bring encrypted devices to these countries.
When you return
- If you were using any loaned devices, return them as soon as possible.
- Do not use any mobile device used while traveling to access your home or WMU network until it has been analyzed and cleaned. Your college IT support person can help with that.
- Change any passwords you used while traveling. Do not use the devices you used while traveling to change your passwords.
Reporting a lost or stolen device
See rules and procedures for notification of lost or stolen computing/electronic storage devices.