High Risk International Travel

Before you go 

• High-Risk Destinations. If your country of destination is considered high-risk, see the high-risk destination recommendations here. You can view the list of high-risk destinations here.  
• Travel only with the data and devices that you need. If you don’t have it, it can’t be stolen or confiscated. This may mean leaving some of your devices at home, removing personal or University data from your devices, or shifting your data to a campus-approved secure cloud service. If possible, avoid traveling with any sensitive or confidential information on your laptop, USB drives, mobile devices, etc. 
• If you’re traveling on DU business, check with your IT support staff about the possibility of getting a clean, encrypted laptop and/or phone that contains no sensitive data, no local passwords, etc. Also, check with your department for specific policies about device use and traveling abroad. You can request a loaner device through the IT Help Center.
• Encrypt all devices and data that you take with you. 
  
  • Secure Your Mobile Devices
  • Full Disk Encryption (FDE) provides safeguards against data stored on local devices from prying eye. FDE is especially useful for laptops and small computing devices that can be lost or stolen. If you use your personal laptop to access DU information, we strongly recommend enabling native FDE technology.  
    
    • Windows Bitlocker 
    • Mac OS X FileVault 
  • If you use a University-owned laptop, please contact the IT Help Center. 
  • You may need to verify whether the location you travel to restricts encrypted digital content. If you cannot use encryption software at your destination, contact your IT Help Center for guidance.  
• Password protect all of your devices. Use strong passwords, passcodes, or smartphone touch/facial ID to lock and protect your devices. 
• Change any and all passwords you may use abroad. 
• Back up your data to a secure location such as OneDrive.
• Set up multifactor authentication for your personal accounts whenever possible for an additional layer of security. IT@DU recommends using an app such as Google Authenticator for your personal accounts.
• Update your operating system and apps/ software, including antivirus protection, to make sure you are running the most secure versions available. Contact IT Help Center for guidance if necessary. 
• Turn on "Find My" tracking and/or remote wiping options in case of loss or theft. Make sure you know how to use these tools before you go. It is possible to remote wipe your device if your account is in Office 365. 
• Consider enrolling it in an international rate plan to avoid incurring exorbitant roaming charges. 
• Log out of browsers and apps, remove any saved login credentials, and clear your browser history.This will help prevent anyone from accessing your accounts or information without your knowledge. Also, delete apps you no longer use.
• Clear your devices of any content that may be considered illegal or questionable in other countries. 
• Check the State Department's website for any travel alerts concerning the specific countries you plan to visit (including any tech restrictions) and guidance on travel to high-risk areas. They also provide information for U.S. students traveling abroad, as does the FBI.

In transit

• Power off your devices before you arrive at the border. This will help resist a variety of high-tech attacks. 
• Do not put devices into checked baggage. Checked baggage can be lost, stolen, or tampered with.  
• Always keep your devices with you. Carry them on the plane, train or bus, and keep them nearby, within your sight. Avoid putting devices underneath the seat or in the front pocket of your seat. Devices can easily become lost, stolen, or tampered with. If you become separated from your equipment, there is a possibility that it has been compromised. If your equipment is confiscated or inspected by any foreign authority, then it should be considered compromised. 
• Disable auto-join Wi-Fi. Shut off the auto-join Wi-Fi function. 
• Be careful when using public wireless networks or Wi-Fi hotspots; they’re not secure, so anyone could potentially see what you’re doing on your computer or mobile device while you’re connected. If traveling to countries outside the U.S. and Europe, you should presume that the network itself is not secure. If you need Internet access, make sure you know who the reputable carriers are and only connect to them. 
• Use Virtual Private Network (VPN) software to secure your Wi-Fi network connection (encrypted). Note that some countries disallow the use of VPNs.

While you're there

• Connect to the Internet securely. The above advice about avoiding public Wi-Fi, using the campus VPN, and considering networks as unsecure in general also apply after you arrive. 
• Physically protect yourself, your devices, and any identification documents. Always keep your devices with you during your travels. Do not assume they will be safe in your hotel room or in a hotel safe. 
• Do not plug in untrusted accessories. Accessories that come from questionable or unknown sources can be infected with malware intended to steal your information. Avoid plugging in any untrusted accessories (flash drive, charging cable/station/port, SD card, power stick, etc.) to your device. Try to bring all necessary accessories with you, but if you must purchase something abroad, make sure it is from a reputable source. 
• Never log into anything when using public computers. They may be loaded with keyloggers and malware. If you use a device belonging to other travelers, colleagues, or friends, do not log in to email or sensitive accounts. 
• Disable Wi-Fi and Bluetooth when not in use. This protects you from harmful connections and some types of tracking technology. 
• Wait to post about your trip on social media until you return home. 

When you return