Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

International travelers (Students, Faculty and Staff) should limit the amount of sensitive information that is stored on or accessible to any mobile device taken on the trip, and travelers should avoid contact with the Fredonia network in general, specifically when traveling to high risk countries (see U.S. State Department's Alerts and Warnings).

Traveling internationally can pose significant risks to information stored on or accessible through computers, tablets and smartphones.  Some of the risk is associated with increased opportunities for the loss or theft of the device and just merely the distraction of traveling. Additionally, our devices are put at risk because they will use networks that may be managed by entities that monitor and capture network traffic for competitive or malicious purposes.

Preparing for your trip

...

  1. Identify "high risk" countries you plan to

...

  1. visit - Visit the U.S. State Department's Alerts and Warnings web page to identify "high risk" countries you plan to visit.

  2. Understand the sensitivity of any data you bring or access

...

  1. Seek ways to limit the amount of sensitive information that you take on your trip.  Examples of data that should be left on campus or afforded exceptional protection include information that might be considered sensitive by the host government, and information defined as

...

  1. "Private or Restricted" by the Fredonia Data Risk Classification Policy.  Removing unnecessary confidential data from any device reduces the risk of exposure to anyone gaining access to the information.

  2. Follow guidelines for protecting your devices and data

...

  1. Review and follow the best practices listed on our Online Safety Page.  Understanding and following these practices will help you reduce the risk to the data and devices you are carrying or have access to in your travels. 

  2. Learn about hardware and software travel restrictions

...

  1. Knowing the restrictions that countries place on transported hardware and/or software reduces the likelihood of your devices being confiscated or your trip being disrupted.  In the hardware and software realm, export and import controls may apply to the hardware and software you may bring along. The United States restricts the transporting of certain types of hardware and software products to specific countries (referred to as "export controls").  Many other nations restrict the transporting of certain types of hardware or software into their country (referred to as "import controls").

...

  1.  

  2. Duo Security Multi-Factor Authentication Users (Only) - You must notify the Information Technology Services via a FredQuest ticket to bypass Duo Security should you travel to a country under the jurisdiction of EU General Data Protection Regulation (GDPR). For more information: http://www.eugdpr.org/

    NOTE: There are countries into which we cannot bring an encrypted device either due to United States export restrictions or import restrictions imposed by the destination country. Please visit the Wassenaar Arrangement Page for additional details.

Things to remember while traveling

  1. Avoid accessing the University directly with your Fredonia ID and password

...

  1. By not logging into Fredonia applications while you travel, you eliminate the risk of your ID and password to Fredonia being captured and used to compromise Fredonia systems.  You also reduce the amount of data that is retrievable if your mobile device is lost, stolen or otherwise compromised. 

...

  1. Keep your direct access to Fredonia systems and information to an absolute minimum, preferably zero. Only access email through your external email account.  Access the data you need for your trip from the external storage service (e.g., Fredonia Google Drive).  Allow a colleague to add files to your external network drive in case a file was forgotten during preparations. Employees should always use their Virtual Private Network Service to remotely access sensitive University computing resources.
  2. Avoid using public workstations

...

  1. - The security of public workstations, especially in high risk countries, cannot be trusted.  When you use a public workstation, anything that you enter into the system - IDs, passwords, data - may be captured and used, so limit your activity to the devices that you bring.
  2. Be aware of your surroundings when logging in or inputting data into your devices

...

  1. .There have been many cases where an ID, password or a piece of confidential information had been compromised simply by watching the person input the information. Be discrete when inputting your ID and passwords.
  2. Notify Fredonia if a theft or loss occurs

...

  1. Traveling can be fraught with a variety of distractions - going through airport security, finding your way around town, getting used to cultural norms, etc.  Unfortunately, most instances when mobile computing devices are lost or stolen occur in the areas where the distractions are the greatest.  Recognizing distracting situations and, when they occur, taking extra care to maintain your focus can prevent you from having to take the steps necessary to disable those devices and obtain replacements.

...

  1.  In case a laptop or mobile device is lost or stolen, contact ITSservicecenter@fredonia.edu or (716) 673-3407.

When you return

  1. Change any passwords you may have used during your travels

...

  1. When you return from your trip, change any passwords you may have used during your travels from a trusted device. When traveling, especially in high risk countries, the likelihood that your ID and password will be captured is high. Quickly changing a compromised password helps prevent future attacks on that account.  Click here to change your University password.

  2. Review your online account activity for anything suspicious (e.g. bank account, credit cards etc..).

Assumptions when traveling

...