Mobile Security & Travel Guidance

Guidance for Your Electronic Devices

ASU’s community increasingly global and mobile. From homes to offices to conference centers and hotel rooms around the globe, being online anytime from anywhere increases convenience, flexibility, and productivity. Here’s some guidance to protect your electronic devices and data.

Before you begin your trip:

Ensure your equipment including laptops, tablets and phones leverage basic security controls and are encrypted prior to your departure.
Remove sensitive data you don’t need for the trip.
For travel to security sensitive locations, consider whether it makes sense to take electronic devices and if needed take a loaner or alternate device(s), including laptop and phone, and ensure it is wiped clean upon return.
For connecting as you travel, ensure you have an appropriate VPN service installed. ASU offers two VPN services.
Contact your local deskside team or the ASU Experience Center for additional information 1-855-278-5080 or chat directly 24/7/365. Students can visit the Tech Studios on campus.

While you are traveling:

Keep your electronic devices with you as much as is possible. If you cannot keep your devices with you during travel, ensure they are turned off while stowed in your luggage or locked facility. Pack internet cards, USB drives, etc. separate from your encrypted devices.
Connect only via a secure and encrypted internet connection using a VPN such as the ASU VPN https://sslvpn.asu.edu.edu/2fa or the full tunnel version at https://sslvpn.asu.edu.edu./tunnel for faculty and staff. Cellular connections are considered more secure than Wi-Fi access.
Be wary of shoulder-surfing - someone who might be nearby that could be looking over your shoulder at your screen - consider using a screen shield or privacy guard.
If your laptop is lost or stolen, immediately report the loss or theft to the ASU Information Security Office at infosec@asu.edu or the ASU Experience Center at 1-855-278-5080

Additional informational resources on international travel and security:

Additional Details for Electronic Devices & Travel

Data Security Overview

ASU personnel handle many kinds of sensitive information, much of it subject to privacy laws and other regulations. This information may reside on ASU-managed network servers, on third-party "cloud" systems, or even sometimes on local disks, portable devices, or removable media. Wherever it resides, and wherever we are at the time, it's everyone's responsibility to keep this information secure and confidential.

ASU's Sensitive Data Handling standard outlines roles, responsibilities, and appropriate methods for securing sensitive information. The standard includes an appendix with detailed examples of information considered sensitive; the list is exemplary, not exhaustive, but will give you a basis for evaluating the sensitivity of other data. Below are some things that everyone who works at ASU should do to protect information.

Smart phones, tablets, laptops, flash drives, and mp3 players are all mobile devices that can store large amounts of data and are highly portable. They are easy to steal or lose, and unless precautions are taken, an unauthorized person can gain access to the information stored on them or accessed through them. Even if not stolen or lost, intruders can sometimes gain all the access they need if the device is left alone and unprotected, if data is transmitting information via a wireless network, or if malware is installed. The results can include crippled devices, personal data loss, and access to information you may not have thought you had access to.

Public Wi-FI and Hotel Internet

While public Wi-Fi and hotel internet can be very useful to ASU employees while traveling, there are also security risks both due to their open nature as well as the tendency to have few security measures. If you are traveling and require internet, below are some actions you can take to protect yourself if you must use public Wi-Fi or hotel internet.

Update/patch your computer with the latest patches available prior to traveling. A significant amount of the attacks perpetrated by hackers are successful because people fail to patch their systems. Many security vulnerabilities are fixed by the operating system creators when vulnerabilities are found. However, all too often people do not patch the vulnerabilities and that leaves an open door for an attacker to walk through and access your data.
If you do connect to a public Wi-Fi or hotel Internet, follow effective security practices. Remember a public Wi-Fi or hotel Internet has many users with varying degrees of device security. It is a good idea to postpone accessing ASU systems or other systems that may involve sensitive information such as your personal banking.
Remember to review settings on your device. Macs and PCs have some file sharing options that assume you are on a trusted network, with other trusted computers. If you are connecting to that isn’t your work or your home, turn off file sharing in Windows and macOS, enable your system’s built-in firewalls, and keep Internet-connected apps and services open to a minimum.
Confirmation is key. Anyone can setup a Wi-Fi network ID and broadcast it. Instead of assuming the name of the free Internet you are trying to access, contact someone working in the hotel, coffee shop, etc. to confirm the name of the Wi-Fi network they are offering.
Ensure your anti-virus and anti-malware is up to date.
Use a two-factor authentication (2FA) VPN when connecting to any ASU or other sensitive resources. VPN's create an encrypted connection from your device to a private network over a public network. Even if someone was able to intercept your traffic, they would be unable to do anything with it because it is all encrypted. ASU provides our two-factor VPN service for secure connectivity to ASU resources: https://sslvpn.asu.edu/2fa
Bring your own Internet. Many mobile cell services offer mobile hotspot functionality. Mobile hotspot means you use your phone or a mobile carrier's device to access the Internet. This method bypasses both the public Wi-Fi and hotel Internet all together.

Mobile Device Security Checklist

Lock your device by configuring a passcode or enable biometrics in order to use the device. This helps prevent unauthorized individuals from gaining access to your data.
Enable encryption on your mobile devices, and ensure that they are configured to encrypt storage with hardware encryption.
Enroll your device in a “Find my device” service , such as Find My iPhone or Find My Device on Android. These services allow location tracking and remote data recovery/wipe.
Set an idle timeout that automatically locks the device when not in use. 15 minutes or less is recommended.
Keep all software up-to-date, including the operating system and installed "Apps." This helps protect the device from attack and compromise.
Properly configure the location and security settings on your device.
Scrutinize permissions requested by any of your phone’s apps. Be careful in accepting requests for personal or device information, including access to your location, your contact lists, or your camera roll.
Consider labeling your device with your name and a phone number where you can be reached to make it easy to return if lost.
Ensure regular backups since mobile devices often have a greater risk of loss, theft, damage, or hardware failure.

Additional guides:

Android Security Settings
Apple Security Updates
Apple 2FA ID

Portable Storage Devices Security Checklist

Portable Storage Devices are usually large capacity drives that are easily moved from place to place (e.g., USB memory sticks, external hard drives, etc).
Configure a username/password combination to access the data/device.
Devices used to store and/or transport sensitive data must be encrypted.
Use only portable storage devices issued by ASU to store any ASU related data, not free devices or those you may find in the hallway or parking lot.