Skip Navigation
Security

Precautions for International Travel

Guidance for Information Technology and International Travel 

This guidance is meant for institutional leaders on overseas travel. Others are welcome to consider these. There are several precautions worth taking prior to departure, during travel and upon return.  There are reports regarding cyber-risks in overseas travel and these are worth considering, specifically in high risk regions and nations.

Yet the principal risk of overseas travel remains physical loss or theft of devices. And theft can happen anywhere, but risk corresponds roughly to the crime rate of the nation. In addition, cellular and network service may not be as reliable or fast in some nations. Recently issued guidance about laptops on flights have complicated laptop preparation.

1.       Laptop preparation – the safest approach is to assume that the laptop that you are taking will be lost at some point in the trip

  • Some departments have loaner laptops that can be used for this purpose, ask your desktop support staff whether one is available
  • Backup valuable data
  • If you have sensitive data, ensure that the device is encrypted – JHM managed laptops are encrypted by default
  • Make sure that device is patched and that you have Endpoint Protection activated (e.g. MS Forefront, Sophos for Macs, etc.)
  • Check the JHPulse VPN connection prior to departure
  • If you keep an external storage device, encrypt sensitive data (i.e. through a ZIP file), and do not store the device in the same bag as your laptop
  • Discreetly mark your laptop and keep a picture of it in case it is misplaced in an administrative proceeding

2.       Smart phone and table preparation – some wary travelers avoid using smart phones at all when traveling in at-risk nations due to cyber-security risks. There are risks involved, but most travelers are willing to accept the risk for the additional convenience of a smart phone over a standard cellular model.

  • Ensure that your roaming plan meets your needs to avoid outrageous charges
  • All devices should have log-in passwords or pins
  • Mobile device management – clinical staff that use mobile Epic applications should have Mobile Device Management. Familiarize yourself with automatic wipe
  • Minimize the number of messages stored on the device to a day or two
  • Ensure that the device and apps are updated
  • Check with others traveling with you for multiple cell carriers so that if one carrier has trouble, others in the group can still use voice or wireless

3.       Laptops and wireless devices while traveling

  • Be wary of open wireless networks
  • If using wireless in the hotel, use the JHPulse VPN
  • Be wary of any wireless network that asks you to install or update software
  • Be discreet when using your phone in public and secure it on your person against pickpockets

4.       Avoid authenticating to Hopkins at airport, hotel or other open kiosks, as these are often compromised with keyboard logging malware

5.       Regarding recent changes in laptop storage on flights, there is a great deal of uncertainty regarding the scope and requirements. In general, travelers should consider the following:

  • Anticipate possible security delays at pre-departure screening at the affected airports. Consider arriving earlier than usual to account for potential delays caused by enhanced screening
  • Consult the relevant carrier or airport prior to departure from an affected airport
  • Comply with all security directives from airport authorities. 
  • Monitor the TSA and Department of Homeland Security websites for up-to-date information on changes to regulations
  • Lock suitcase according to TSA-approved measures to comply with bag search policies
  • When collecting baggage from carousel at your destination, check to see if your electronic equipment is safe before leaving the airport. 

6.       When you return:

  • Check all devices for any changes or new applications
  • Use your Endpoint Protection to undergo a full scan of your laptop for malware
  • Change your JHED password within a reasonable period of time – it is often the case that there is a time lag between compromise of a credential and its misuse. When in doubt change your password.

6.       If you have trouble overseas:

  • Contact the Hopkins Help Desk for any loss or theft of devices