Live now: Board of Curators meeting

UM System

Information Security Travel Standard

When traveling, especially internationally, special care must be taken to protect University data. If you have questions about these recommendations, contact your IT support staff or your ISO.

Guidelines

Mobile Devices

  1. Set the device to require a passcode.
  2. Enable GPS tracking functionality so that a stolen device may be tracked:
    • iPhones and iPads: enable "Find My iPhone".
    • Android devices: enable "Android Device Manager".
  3. If your smartphone or tablet is configured to connect to the University email system, notify the central IT department's security team in the event of theft. The device may be able to be wiped remotely.

Laptops

  1. Using a departmental loaner laptop containing no sensitive information is strongly recommended in lieu of taking a personal or University-owned device that contains any type of sensitive or restricted data. U.S. laws and regulations may prohibit international travel with export controlled data; check with your ISO and/or the export control contact at your campus prior to travel.
  2. Encryption is recommended in all cases. It is required for computers containing DCL4 data. However, it is illegal to take encrypted devices to certain countries, which may result in the confiscation of devices.  Check with your ISO and/or the export control contact at your campus prior to travel.
  3. Obtaining and using a Kensington-style lock should be used to deter theft. These locks are inexpensive and supported by virtually all laptops.
  4. Use a generic carrying case so thieves can't readily identify that you're traveling with a laptop.
  5. When flying, do not check your laptop. Carry it on the plane with you.
  6. When traveling by car, lock your laptop in the trunk or otherwise keep it out of sight.
  7. Take a legible copy of your receipt for recently-purchased electronic equipment. If your electronic device was made in a foreign country, you may be required to pay duty on it every time you return to the United States unless you can prove that you owned it before you departed the country.

Storage Devices

  1. Use a new device, such as a thumb drive, that has never contained confidential data. Even if a drive has been formatted or files have been deleted, documents can still be recovered.
  2. Encryption is recommended in all cases. It is required for devices containing DCL4 data.  However, it is illegal to take encrypted devices to certain countries, which may result in the confiscation of devices.  Check with your ISO and/or the export control contact at your campus prior to travel.

Reviewed 2019-08-24

Sections