Travel Security Guidance for Your Electronics
ASU’s community is mobile. From homes to conference and hotel rooms in countries around the globe, being online anytime from anywhere increases convenience, flexibility, and productivity. As you prepare for travel here’s some guidance to protect your electronic devices and data.
- Ensure your equipment including laptop, tablets and phones are encrypted prior to your departure. Click here for details.
- Remove sensitive data you don’t need for the trip. For travel to certain countries where equipment may be at risk, we recommend not taking any computerized devices. If you must take a computerized device, take a loaner or alternate device that contains no data and then wiped clean upon return.
- If you cannot keep your laptop with you during travel, ensure it is turned off while stowed in your luggage or locked facility. Do not pack internet cards, USB drives, etc. in the checked baggage with your encrypted devices.
- When you arrive at your destination, connect only via a secure/encrypted wireless connection.
- If your laptop is lost or stolen, immediately report the loss or theft to ASU Information Security Office at firstname.lastname@example.org.
- Always use a VPN, such as the ASU VPN for faculty and staff, when connecting to any ASU or other sensitive resources.
- Be wary of shoulder-surfing - someone who might be nearby that could be looking over your shoulder at your screen - consider using a screen shield or privacy guard.
- If you have questions, see contact information below:
- Students - visit the Tech Studios.
- Faculty & Staff - confirm with your desk side staff or contact the ASU Help Center at 1-855-278-5080.
Additional informational resources on international travel and security:
With Mobility Comes Responsibility
ASU personnel handle many kinds of sensitive information, much of it subject to privacy laws and other regulations. This information may reside on ASU-managed network servers, on third-party "cloud" systems, or even sometimes on local disks, portable devices, or removable media. Wherever it resides, and wherever we are at the time, it's everyone's responsibility to keep this information secure and confidential.
ASU's Sensitive Data Handling standard outlines roles, responsibilities, and appropriate methods for securing sensitive information. The standard includes an appendix with detailed examples of information considered sensitive; the list is exemplary, not exhaustive, but will give you a basis for evaluating the sensitivity of other data. Below are some things that everyone who works at ASU should do to protect information.
Smart phones, tablets, laptops, flash drives, and mp3 players are all mobile devices that can store large amounts of data and are highly portable. They are easy to steal or lose, and unless precautions are taken, an unauthorized person can gain access to the information stored on them or accessed through them. Even if not stolen or lost, intruders can sometimes gain all the access they need if the device is left alone and unprotected, if data is transmitting information via a wireless network, or if malware is installed. The results can include crippled devices, personal data loss, and access to information you may not have thought you had access to.
Public Wi-FI and Hotel Internet
While public Wi-Fi and hotel internet can be very useful to ASU employees while traveling, there are also security risks both due to their open nature as well as the tendency to have few security measures if any. If you are traveling and require internet, below are some actions you can take to protect yourself if you must use public Wi-Fi or hotel internet.
- Update/patch your computer with the latest patches available prior to traveling. A significant amount of the attacks perpetrated by hackers are successful because people fail to patch their systems. Many security vulnerabilities are fixed by the operating system creators when vulnerabilities are found. However, all too often people do not patch the vulnerabilities and that leaves an open door for an attacker to walk through and access your data.
- If you do connect to a public Wi-Fi or hotel Internet, practice good Internet hygiene. Remember a public Wi-Fi or hotel Internet has many users and you have no control of who those users are. It is not a good idea to use those Internet access points to access sensitive information nor is it a good time to access your personal banking information either.
- Confirmation is key. If you are in a public space and even in a hotel. Anyone can setup a Wi-Fi network ID and broadcast it. Before you assume the free Internet you are trying to access is called "Free Internet", speak with someone that is working at the location and confirm the name of the Wi-Fi network they are offering.
- You may not be able to control who’s on that public Wi-Fi or hotel network you’re using, but you can control your computer. if you are using a Windows PC or a Mac, your computer has some file sharing options that assume you are on a trusted network, with other trusted computers. Turn off file sharing in Windows and macOS, enable your system’s built-in firewalls, and keep Internet-connected apps and services to a minimum.
- Ensure your anti-virus and anti-malware is up to date.
- Use VPN when possible. VPN's create an encrypted connection from your device to a private network over a public network. Even if someone was able to intercept your traffic they would be unable to do anything with it because it is all encrypted. ASU provides our SSLVPN service for secure connectivity to ASU resources: https://sslvpn.asu.edu
- Bring your own Internet. Many mobile services offer mobile hotspot functionality. Mobile hotspot means you use your phone or a mobile carrier's device to access the Internet. This method bypasses the both the public Wi-Fi and hotel Internet all together.
Mobile Device Security Checklist
- Lock your device by configuring a passcode or use biometrics to use the device.This helps prevent unauthorized individuals from gaining access to your data.
- Enable encryption on your mobile devices, and ensure that they are configured to encrypt storage with hardware encryption. In conjunction with a management service or "Find My iPhone," this prevents access to your data in the event that a device is lost or stolen. Click here for Android password and encryption help or Click here for iOS password and encryption help.
- Set an idle timeout that automatically locks the device when not in use. 15 minutes or less is recommended.
- Keep all software up-to-date, including the operating system and installed "Apps." This helps protect the device from attack and compromise.
- Properly configure the location and security settings on your device.
- Scrutinize permissions requested by apps. Be careful in accepting requests for personal or device information, including access to your location, your contact lists, or your camera roll.
- Enroll your device in a “find my device” service , such as Find My iPhone or Android Device Manager. These allow location tracking and remote data recovery/wipe.
- Install and enable anti-virus/anti-malware and/or app scanning software as appropriate for your phone's operating system.
- Label your device with your name and a phone number where you can be reached to make it easy to return if lost.
- Mobile devices often have a greater risk of loss, theft, damage, or hardware failure. Ensure continuous access to your data by backing it up regularly.
Apple Security Guide
Portable Storage Devices Security Checklist
- Portable Storage Devices are usually large capacity drives that are easily moved from place to place (e.g., USB memory sticks, external hard drives, etc).
- Configure a username/password combination to access the data/device.
- Devices used to store and/or transport sensitive data must be encrypted.