Precautions for International Travel
Guidance for Information Technology and International Travel
This guidance is meant for institutional leaders on overseas travel. Others are welcome to consider these. There are several precautions worth taking prior to departure, during travel and upon return. There are reports regarding cyber-risks in overseas travel and these are worth considering, specifically in high risk regions and nations.
Yet the principal risk of overseas travel remains physical loss or theft of devices. And theft can happen anywhere, but risk corresponds roughly to the crime rate of the nation. In addition, cellular and network service may not be as reliable or fast in some nations.
1. Laptop preparation – the safest approach is to assume that the laptop that you are taking will be lost at some point in the trip
- Some departments have loaner laptops that can be used for this purpose, ask your desktop support staff whether one is available
- Backup valuable data
- If you have sensitive data, ensure that the device is encrypted – JHM managed laptops are encrypted by default
- Make sure that device is patched and that you have Endpoint Protection activated (e.g. MS Forefront, Sophos for Macs, etc.)
- Check the JHPulse VPN connection prior to departure
- If you keep an external storage device, encrypt sensitive data (i.e. through a ZIP file), and do not store the device in the same bag as your laptop
- Discreetly mark your laptop and keep a picture of it in case it is misplaced in an administrative proceeding
2. Smart phone and table preparation – some wary travelers avoid using smart phones at all when traveling in at-risk nations due to cyber-security risks. There are risks involved, but most travelers are willing to accept the risk for the additional convenience of a smart phone over a standard cellular model.
- Ensure that your roaming plan meets your needs to avoid outrageous charges
- All devices should have log-in passwords or pins
- Mobile device management – clinical staff that use mobile Epic applications should have Mobile Device Management. Familiarize yourself with automatic wipe
- Minimize the number of messages stored on the device to a day or two
- Ensure that the device and apps are updated
- Check with others traveling with you for multiple cell carriers so that if one carrier has trouble, others in the group can still use voice or wireless
3. Laptops and wireless devices while traveling
- Be wary of open wireless networks
- If using wireless in the hotel, use the JHPulse VPN
- Be wary of any wireless network that asks you to install or update software
- Be discreet when using your phone in public and secure it on your person against pickpockets
4. Avoid authenticating to Hopkins at airport, hotel or other open kiosks, as these are often compromised with keyboard logging malware
5. When you return:
- Check all devices for any changes or new applications
- Use your Endpoint Protection to undergo a full scan of your laptop for malware
- Change your JHED password within a reasonable period of time – it is often the case that there is a time lag between compromise of a credential and its misuse. When in doubt change your password.
6. If you have trouble overseas:
- Contact the Hopkins Help Desk for any loss or theft of devices