NU ITS always refer international travelers with export control questions or concerns to their campus Export Control Office to get official guidance on what would be allowed or appropriate for where they are going. Below are additional NU ITS guidance and best practices for IT Security for export controlled international travel, everything may not be applicable for your situation, but we feel it is good general advise and things to consider to secure IT resources and data while you travel internationally.
The UNL Office of Research & Economic Development (ORED) has a an “Export Control FAQ’s” with “International Travel Caution Information” section you may find helpful to review. https://research.unl.edu/researchcompliance/eccp-faq/
Before You Leave:
- Engage your IT Support Team so they are aware of your travel plans.
- We recommend international travelers take a loaner travel device. You should request a loaner travel device from your IT Support Team. (If you need to purchase new travel hardware, we recommend any of the standard models listed in CDW-G. The identified laptops (PC & Mac) all have the necessary security hardware to protect university data. Your IT Support Team will configure the laptop using the standard Endpoint Baseline procedure and apply either Medium or High-Risk Security Controls as appropriate for the user.)
- Only take data that is essential for the trip. “If you do not need it – do not take it with you!”
- Plan to access email and other university resources online, do not use the local Outlook or OneDrive applications on a loaner devices.
- Some foreign countries restrict the use of encryption and may access your devices at the port of entry. Review the local laws of your destination country or contact the local embassy to alert them of your travel plans and review any travel advisories. https://step.state.gov
- Confirm that the travel device is configured with the Endpoint Baseline, encrypted (if permitted by local laws), and all software is up to date.
While You’re There:
- Assume all public computers are insecure and do not use them.
- Always keep your travel device in your possession or in a secure location.
- Notify your IT Support Team and ITS Security Services immediately if your device is lost or stolen.
- Use the NU VPN on your travel device when connected to a network if permitted by local laws.
- If local laws do not permit encryption technologies, uninstall the NU VPN client before traveling.
- Disable WiFi and Bluetooth when not in use.
- Power off the travel device when not in use.
- Do not use untrusted devices such as public USB charging stations, only use your own chargers.
When You Return:
- Return the travel device to your IT Support Team so that it can be appropriately sanitized and re-configured for the next user.
- Notify your IT Support Team and ITS Security Services if local authorities detained the travel device during your trip.
A couple of important notes regarding taking a laptop or using VPN while traveling to countries where VPN and/or encryption may be illegal (China, Iran, North Korea, etc.). Please contact your export control office for more information.
- The device cannot be encrypted.
- The NU VPN or any other VPN/encryption software should not be installed on the laptop.
- Remote access to public NU services (including Office 365) should be reduced to only required and necessary activity.
- Do not use the local Outlook or OneDrive applications/clients on the loaner device, web only.
- Assume everything you do online is monitored, collected, and inspected. Refrain from private or confidential online activities like banking or accessing online accounts.
- If the laptop is removed from your custody at any time (including Customs), it should be appropriately destroyed upon return to the University and never connected to any university network (WiFi or Wired).