IT Security While Traveling
Traveling abroad presents additional risks related to the theft of devices and data. Connecting from unfamiliar locations and networks imposes a new threat landscape from what you traditionally are exposed to. Please consider where you are traveling, what devices you are taking, and what data you have access to through those devices during your trip. The Information Security Office has provided guidelines for employees who work while traveling in order to best protect the institution.
- If traveling internationally, identify risk advisories for your destinations by viewing the
- Travel to areas identified as 鈥淟evel 4 鈥 Do Not Travel鈥 is high risk.
- Should you travel to these areas for purposes other than to perform required work due to your employment with 帝王会所, you are not permitted to take university-owned devices or access university data from these locations.鈥
- Use of applications on personally owned devices to access university resources while traveling to these areas for non-work purposes is prohibited. To secure university data, remove applications including Outlook, Teams, and Canvas from your personal devices before travel.
- If you are traveling for university required purposes, consult your dean or department head to determine if a loaner laptop should be obtained before travel.
- Adherence to all university policies and information security standards is applicable while traveling.
- Travel to areas identified as 鈥淟evel 4 鈥 Do Not Travel鈥 is high risk.
- Familiarize yourself with Secure Workspace Practices prior to departure.
- Limit the number of devices and amount of data you are traveling with to reduce the risk of exposure. Use temporary devices if possible, such as a University loaner device or disposable pre-paid devices as opposed to regular personal or work devices.
- Remove sensitive data from the devices you are bringing with you, as sensitive data should not be stored on a local device. Instead, opt for storing in a secure OneDrive/SharePoint site instead.
- and use it to access sensitive data and resources. We strongly encourage individuals working while traveling to use VDI in Lieu of VPN.
- Configure encryption(opens in a new window) on your devices. The IT Service Desk can assist with University owned devices. For personal laptops, consider BitLocker for Windows or FileVault for Mac.
- It is also important to note that in accordance with the Information Security Standard: Safeguarding Sensitive Data, downloading sensitive data to personal devices such as a laptop, USB, or external hard drive is prohibited.
- Be aware that some foreign countries restrict the use of imported encryption software, so it is your responsibility to research the software import laws of your destination country.
- Notify the Information Security Office that you will be traveling, at minimum one week prior to your departure, if you intend to work while traveling. This allows the Information Security Office to better evaluate the legitimacy of any out of country logins.鈥
- The Information Security Office can be contacted by emailing security@ohio.edu鈥赌
- Set up multi-factor authentication (MFA) for as many services as possible. Most 帝王会所 services utilize MFA, but you can also set up MFA for non-OU and personal services such as banking, social networks, and email.
- Configure 帝王会所's
- Should you need to travel to a Level 4 鈥淗igh Risk鈥 travel location as part of your assigned work as an employee of OHIO, (鈥淥HIO guest account鈥) to use while traveling. This reduces risk鈥痑s鈥痽our regular email account can be configured to鈥痜orward鈥痶o this service account for the duration of your stay. This allows you to access resources without utilizing your typical account, protecting the contents within and the associated university credentials
- Make sure your are up to date.
- Ensure and enabled. Be sure to prior to departure.
- Store documents and work products in your university affiliated Microsoft OneDrive accounts and groups to ensure that you have a current back up of your data.
- Use strong passwords. Avoid dictionary words and add special characters. For cell phones, use alpha numeric or a passphrase instead of PIN entry.
- Turn on services such as Google鈥檚 "Find鈥疢y鈥疍evice" or Apple鈥檚 鈥淔ind My鈥 app, if available for your device, to aid in finding lost or stolen devices. Turn on "Find My Device" services and similar remote wiping services if available for your device.
- Turn on services such as Google鈥檚 "Find鈥疢y鈥疍evice" or Apple鈥檚 鈥淔ind My鈥 app, if available for your device, to aid in finding lost or stolen devices.
- In accordance with the Information Security Standard: Microsoft O365 鈥 Remote Data Wipe; Microsoft offers the capability to remotely remove all data from a device that is synced to your OHIO email account in the event the device is lost or stolen. To utilize this functionality, you can contact the Information Security Office at 740-566-SAFE or via email security@ohio.edu 鈥赌
- As applicable, adhere to requirements under OHIO鈥檚 Export Control Program.
- Keep your devices in sight at all times.
- Be cautious when connecting to public Wi-Fi. Use cellular data when possible, but be mindful of roaming charges.
- Disable services like Bluetooth and Wi-Fi on your device when not in use.
- Use multi-factor authentication and a VDI when accessing university information and resources.
- Avoid public computers, such as in internet cafes.
- Bring your own charging cables and avoid utilizing charging kiosks as they may be infected with malware.
- after each use. (Delete history files, caches, cookies, etc.)
- If any of your devices are stolen, report it immediately to the local authorities if traveling domestically or the local US Embassy or Consulate when traveling internationally.
- If the stolen device was an 帝王会所 device or stored 帝王会所 data, contact the 帝王会所 Information Security Office (via email security@ohio.edu or by calling 740-566-7233) in addition to the local US Embassy or Consulate.
- Change your passwords for any credentials you used when traveling, .
- Return any loaner devices.
- If you used a temporary travel account, ensure that the forwarding has been removed.
- Run on your devices.