Planning a trip abroad? Consider the equipment you are taking when you plan to leave the United States. Devices such as laptops, tablets, and smart phones contain personal information. It is important to know that they may also contain university data governed by Ohio State’s Institutional Data Policy (IDP).
Just as you would protect your physical safety while abroad, please be aware of your digital safety as well. The Federal Communications Commission offers some advice on their site.
Additionally, you should consider the following issues.
Before you travel
- Use Temporary Devices: If you have the means, taking a temporary device (such as a cheap, disposable pre-paid device) is the surest way to keep your personal or university devices safe. Don't take your regular personal or work device.
- Back Up Data: Back up your personal electronic files and store them in a safe place in the United States. PLEASE NOTE: No University data should reside on your devices prior to boarding your craft.
- Remove Sensitive Data: If you are unsure about how to properly scrub your device of university data rated S3 or S4, please contact your department’s IT support. Also, minimize the amount of personal data on the phone (contact lists, credit card information, personally identifiable information).
- Use Strong Passwords: If you're not sure if your passwords are stong, review our suggestions for creating strong passwords.
- Update Antivirus: Ensure antivirus and operating system software is up-to-date.
While you are traveling
Be vigilant about possession and use of your equipment and information. Don’t assume it is safe. Criminals may be visible or invisible.
- Don't Expect Privacy: In most countries, you have no expectation of privacy. Be alert at all times to this reality.
- Turn Off your Devices: Increase security by poweriing down devices when you aren't using them.
- Use Passcodes: Always use passcodes or passwords to lock and unlock the device. Assume you may accidentally leave them on a restaurant table or in the back of a cab. Do not allow the next person to find your phone access to your digital life.
- Keep Electronics with You: Keep your devices close in airports, hotels, and restaurants. Although hotel safes are an option, consider them unsecured if you are in a "watch list" country.
- Disable Network Protocols: Be sure to disable all unnecessary network protocols (e.g., WiFi, Bluetooth, infrared, etc.) that can be a gateway into your device.
- Be Aware of your Surroundings: Other eyes can take information from you by looking at your devices.
- Use a Privacy Screen: Consider buying and using a privacy screen on your laptop when you are in public areas.
- Prepare for Worst-Case Scenarios: Presume your device will be confiscated and searched at your port of entry.
- Beware of Local Networks: Connecting to local networks while abroad may expose your device to malware.
- Avoid using Public Devices: Using cybercafes to log into services like Facebook, Twitter or your bank website may leave a trail of information that others could exploit. Do not use public computers to log into the University's network.
- Don't use Public Charging Ports: Avoid using pubic USB charging ports commonly found in airports. They can be used to transfer malware to your device. Always use a charging plug and wall outlet.
- Clear your Internet Browser: Clearing your browser after each use includes deleting history files, caches, cookies, and temporary internet files.
- Vary your PIN Numbers: Don’t use the same passwords or PIN numbers while abroad that you do in the United States. For instance, if a hotel has a safety deposit box, use a different PIN than one used for your bank card.
- Report Device Theft Promptly: If your device is stolen, report it immediately to the local US Embassy or Consulate; if a university device, report the incident.
After you return from traveling
Upon return home:
Devices used abroad can be compromised. Consider the following upon setting afoot domestic soil:
- Change passwords of your devices.
- Contact your local IT department before connecting those devices to a university network or resources.
- It is not uncommon for foreigners to contact you upon your return. The Federal Bureau of Investigations urges you to report any unusual circumstances.
When traveling abroad on university business, please be aware that export restrictions may apply depending on your travel destination(s). You may need an export license or other governmental approval before traveling with certain types of personal items or equipment (including but not limited to laptops, encrypted devices, web-enabled cell phones, GPS units, scientific equipment), or with controlled or proprietary research data or information, in any format.
If you are traveling to one of the following watch list destinations please find important export control information:
- North Korea
- Saudi Arabia
- United Arab Emirates
If you are traveling to do field research, get more information about specific field work activities that may trigger export control compliance issues.
Contact the University's Export Control Office at email@example.com or by calling (614) 688-1596 as soon as possible so that we can help determine if export restrictions or controls apply to your travel. For more information, visit the Office of Research Compliance's website.