The Academic Professional's Guide to Safe Computing When Traveling Abroad
Before you goDuring your stay
Upon your return
Before you go
Reserve a "loaner" laptop or cell phone Prepare your laptop/tablet for travel Minimize the information you take with you Review University and personal passwords Familiarize yourself with local laws and security
Consider taking a loaner or rental device rather than your personal equipment. This will limit the amount of data at risk should your laptop or phone be lost, stolen or searched. PC and Macintosh laptops with appropriate up-to-date security protections are available for checkout from DoIT. Cell phones are also available. Devices available for checkout is limited so reserve as soon as you can.
If you can not take a loaner device, sanitize your device by backing up the information and remove all information not needed during your travels. Ensure up-to-date protections for anti-malware, security patching and firewalls.
Take the minimum amount of information needed for your travel. Do not take sensitive information (electronic or printed) with you as you travel. Evaluate the sensitivity of the information you are considering taking by knowing in many countries/cultures there is no expectation of privacy. Backup all information you do take and leave the backup at work. Remove all external storage media (e.g. CDs, USBs, etc.) from the computer before you travel.
Do not use the same login credentials for University and personal business. Where possible, ensure passwords for sensitive enterprise systems (e.g ISIS, HR, etc) are not the same as self-service passwords (e.g. email, calendar, myuw, etc.) Make any necessary password changes warranted by this review, particularly for systems you will be accessing while abroad.
Visit the U.S. State Department's web site to obtain information about the safety and security of the country you are visiting and to enroll in the Smart Traveler Enrollment Program (STEP).
During your stay
Have no expectation of privacy
Eavesdropping is routine in some countries. Limit electronic and face-to-face discussion of sensitive information. If possible, wait to discuss sensitive matters upon return or using a known secure mechanism.
Treat electronic devices as compromised
Do not use computers or faxes at foreign hotels or business centers for sensitive matters. Do not allow foreign storage devices e.g. USB, CDs, etc. to be connected to your computer or phone.
Keep electronic devices in your physical possession
Do not leave these devices unattended e.g in your hotel room, in hotel safes, in your checked baggage, or do not ask someone to watch for you.
Disable devices network capabilities when not in use
Turn off Bluetooth and Wifi capability on your device when you are not using. Consider turning off your cellular phone when it is not in use and particularly if you have a data plan enabled.
Avoid accessing systems with sensitive or restricted information from abroad
This is particularly advisable in countries where there is no expectation of privacy. See the U.S. State Department's web site for country specific issues. In general, when accessing University systems minimize the length of time and amount of information accessed. Use VPN whenever possible to connect to campus resources, unless you are in a country that doesn't allow encryption
Report loss or theft of information or electronic devices to help@doit.wisc.edu
Upon your return
Clean and/or rebuild all electronic devices Change passwords Click here to download the "Traveling Abroad Safety Guide" (.pdf) Contact the DoIT Help Desk for assistance
Return the loaner laptop to DoIT for analysis and cleaning. If you took your personal computer, we highly recommend that the laptop is analyzed for malware, unauthorized access and if necessary re-built before next use. DoIT can assist in this effort.
Consider changing passwords for all systems you accessed while traveling.Additional resources