Mobile Device Security When Traveling Abroad – Cyber Security Awareness Month 2018
This blog post is intended to provide a follow up to a previous post. You are encouraged to read the previous post because it, too, contains relevant information about this important topic.
Travelers face an ever-increasing variety of cyber threats. Vulnerabilities, including unsecured devices and data and over-sharing information, can be minimized if we understand these threats and take appropriate precautions. Recommendations to help protect your data, devices, and professional and personal identity include:
- Store data on a USB thumb drive or other removable media that can be destroyed after use and do not accept USB thumb drives or other removable media from any other sources. When possible, travel with a new or re-imaged device so that no data is stored on it. Do not plug USB-powered devices into public charging stations – only connect USB-powered devices to the power adapter with which they were intended to be used.
- Keep electronic devices with you at all times. When not in use, devices, network connections and services should be turned or powered off.
- Before traveling, change all passwords that you will use while traveling abroad and clear browsing histories and other stored information that could be abused by foreign entities. Upon your return change the passwords of any accounts that were accessed while abroad.
- Delete unnecessary applications, plugins, and software.
- Ensure your computer and mobile device has the most recent patches, software updates, and anti-virus software installed.
- Where possible use a one-time web-mail account.
- Do not access sensitive accounts or conduct sensitive transactions over public networks, including hotel business centers and Internet cafés. If a connection to sensitive accounts or systems is required, use a virtual private network (VPN) connection, if it is legal in the country to which you are traveling. Note that it is not legal to use OSU’s VPN in all countries outside the U.S. You should consult with your local contacts before using a VPN.
- Know the local laws regarding online behavior as some online sites are illegal in certain countries, including Google, YouTube, Facebook, Twitter, and Instagram. Consult the State Department website for information about particular destinations.
- Assume that all online activity is subject to government and/or other monitoring techniques, including OSU’s Outlook Web Access (cowboymail.okstate.edu).
- Use of mobile apps that contain encrypted communication may be illegal. Consult your local contacts before using the app.
Note about OSU’s VPN: the VPN offered by OSU encrypts and secures data only when accessing okstate.edu domains. When connected to the VPN, data transmitted to/from non-okstate.edu domains will be sent across the public network (unencrypted).