This article addresses three common topics on IT for International Travel.
• Export Control
• Information for International Travel
• Traveling to China
Export Control for International Travel
International travelers with export control should contact their campus Export Control Office for official guidance on what will be allowed or appropriate for where they are traveling. The UNL Office of Research & Innovation (R&I) has published Export Control FAQ’s with an “International Travel Caution Information” section you may find helpful to review.
Information for International Travel
Below is general guidance and best practices for IT Security when traveling internationally. Everything may not be applicable for your situation. If you have any questions please contact your IT Support Team for assistance.
Before You Leave:
- Engage IT Support: Engage your IT Support Team so they are aware of your travel plans.
- Request a Loaner Travel Device: International travelers should take a loaner travel device. Request one from your IT Support Team. If purchasing new travel hardware, consider standard models listed in CDW-G. These laptops (PC & Mac) have the necessary security hardware to protect university data. Your IT Support Team will configure the laptop using the standard Endpoint Baseline procedure and apply either Medium or High-Risk Security Controls as appropriate.
- Device Configuration: Before leaving, confirm with your IT Support Team that the travel device is configured with the Minimum Security Controls, and includes essential security tools such as Cortex XDR and NU VPN.
- Update Your Software: Apply all available operating system, software, and security updates to address any known vulnerabilities.
- Data Management: Only take data that is essential for the trip. “If you do not need it – do not take it with you!” Plan to access email and other university resources online. Avoid using local Outlook or OneDrive applications on a loaner device.
- Remote Access: Remote access to NU services (including Office 365) should be reduced to only required and necessary activity.
- Local Laws and Encryption: Some foreign countries restrict the use of encryption and may access your devices at the port of entry. The Smart Traveler Enrollment Program (STEP) is a free service to allow U.S. citizens and nationals traveling and living abroad to enroll the trip with the nearest U.S. Embassy or Consulate and review local laws. Additionally, review any government Travel Advisories for your destination.
While You’re There:
- Protect Your Passwords: Never store passwords, other authentication information, or multifactor devices in a location that is accessible to others.
- Keep Your Travel Device Secure: Always keep your travel device in your possession or in a secure location.
- Report Lost or Stolen Devices: Notify your IT Support Team and ITS Security Services (its-sec@nebraska.edu) immediately if your device is lost or stolen.
- Use NU VPN: Use the NU VPN on your travel device when connected to a network if permitted by local laws. If local laws do not permit encryption technologies, uninstall the NU VPN client before traveling.
- Wi-Fi and Bluetooth: Disable Wi-Fi and Bluetooth when not in use. Avoid Wi-Fi networks whenever possible, there is no guarantee they are secure.
- Power Off When Not in Use: Power off the travel device when not in use.
- Assume All Public Computers Are Insecure: Do not use public computers.
- Don’t Use Thumb Drives Given to You: Assume any removable media that doesn’t belong to you is compromised. Don’t use your own thumb drive in a foreign computer for the same reason. If you’re required to use unknown media, assume the device has been compromised and contact ITS Security Services (its-sec@nebraska.edu).
- Avoid Untrusted Devices: Do not use untrusted devices such as public USB charging stations; only use your own chargers.
When You Return:
- Return the Device: Return the travel device to your IT Support Team so that it can be appropriately sanitized and re-configured for the next user.
- Report Detainment: Notify your IT Support Team and ITS Security Services if local authorities detained the travel device during your trip.
- Change Your Passwords: Change any passwords that grant access to your devices or online services that you accessed while traveling.
Additionally, we recommend reviewing and following the travel guidance from our Multi-Factor partner DUO.
Traveling to China
Travelers should not take their university laptop on their trip to China. NU ITS recommends university employees take a temporary loaner laptop on trips to China. First see if your college has a temporary/loaner laptop that can be sanitized and used by faculty/staff for their travel to China. NU ITS can help prepare the machine if needed. If your college does not have any available equipment reach out to NU ITS Client Services to see if there is any out-of-rotation equipment headed to inventory that you can use on your trip. It is possible that any laptop taken to China will be removed from the traveler’s possession for inspection at the port of entry, and the laptop would need to be appropriately destroyed when you return to the US. Only equipment whose complete loss/destruction is acceptable should be taken on a trip to China.
Important items regarding a laptop when traveling to China:
- Encryption Restrictions: Do not travel with an encrypted device to China. China severely restricts the use of unapproved encryption. If you attempt to enter with an encrypted device, you may be asked for the decryption key, or your device may be confiscated.
- Data Risk Classification: Only take data that is essential for the trip. University data should be limited to the Low Risk classification. Disk Encryption is essential for the protection of Medium and High Risk university data.
- VPN Software: China’s laws for VPN usage are vague, however, only government-sanctioned VPNs are legal. The government may monitor communications through government-approved VPNs, and travelers can assume that all communications are monitored. Do not use the NU VPN while in China. NU ITS recommends uninstalling the NU VPN before traveling to China.
- Online Monitoring: Assume everything you do online is monitored, collected, and inspected. Refrain from private or confidential online activities like banking or accessing online accounts.
- Device Custody: If the laptop is removed from your custody at any time (including Customs), it should be appropriately destroyed upon return to the University and never connected to any university network (Wi-Fi or Wired).