Check your Security

IT Travel Resources - Things to be aware of when planning a trip

This information will help prepare individuals leaving on University related business, with personal or university owned equipment and reminds the student, staff and faculty of their security responsibilities/best practices for protection of both physical assets and data.

Staffs (Faculty, Student and Staff) are encouraged to carefully review the material below to better understand security regulations and policies and to facilitate them in the successful performance of their University related travels.

Whether using a personal computing device or a university provisioned resource, individuals are required to fully understand the risks associated with working with UI owned and personal data, whilst off campus.

Employees and or students should seek the assistance of collegiate/ departmental IT support staff to help evaluate the appropriate level of security for their travel needs.


Before Leaving The Office

Software needs

Change your Hawk ID password ahead of time to avoid the inconvenience of an expired password.

Never write your passwords down and leave them with/on your computer or in the carrying case. If you must record a password, keep it in your wallet or in another highly secure location e.g. a password keeper program of your choice. Examples of a few are, Password Safe, Password Gorilla and Password Dragon.

NEVER set your browser to remember login passwords. Always clear out the browser cache before you leave. (Check your Internet Options, and delete any saved files, pages, passwords, or the entire browser history.)

Make sure your Antivirus software and all of your operating system and program updates are current.

Do not store any sensitive personally identifiable information (PII), sensitive data e.g. research, or (if traveling abroad) export controlled software on any electronic device you intend to take with you on your trip. Should the device fall into the wrong hands the sensitive data or software could become compromised. Consider installing and running Identity Finder on your computer to see if you have PII installed on the device and remove it.

Install the UI Anywhere VPN client software and use it to secure your connection to university resources. Instructions on how to download, install and use the client can be found on the Software Central website. Alternatively seek the assistance of your collegiate/ unit support staff.

Note: The UI AnyConnect client only encrypts traffic destined to the University network; all non-UI websites you visit do NOT flow through the VPN encrypted tunnel.

Once the UI AnyConnect client is installed and started, you can connect to campus resources using Windows Remote Desktop, VNC, or Apple Remote Desktop. You can also map and access your home and departmental file storage space (commonly H or S and L drives).

Consider utilizing some form of disk or folder encryption to protect your personal files. **Seek the assistance of your departmental IT support staff, before encrypting any data. If you activate/use encryption technologies incorrectly, you could lose your data. If you are traveling abroad, keep in mind that some encryption software is export controlled, so investigate your options and consider remotely accessing sensitive data from your portable computer.

Make sure your wireless device connection is capable of using encryption when accessing a wireless hotspot (via WPA or similar). Unencrypted data can be intercepted ("sniffed").

Configure your screen to automatically lock after a short period of inactivity, and require your password to resume (unlock) it. Never leave your computer turned on and logged in, even in your hotel room.

Pre-equip your device to help in the effort of tracking down stolen equipment; there are various vendor related hardware and software products available, look into the most appropriate option that meets your needs.

Be especially aware if your travels take you abroad, that current export control laws give Customs and Border Patrol the authority to enact an onsite COMPEX (compliance exam) on ANY personal device you may be carrying. This includes cell phones, PDA's, and laptops. They can demand your passwords, PINs, and/or encryption keys and have authority to detain you if you do not comply. If a device is identified as having probable investigative cause it could be confiscated for analysis, running the risk of exposing sensitive information, and possible permanent loss of the device.

If you have a presentation saved on disks that use a commercial DVD format and you are traveling internationally, be aware that there are 6 different region codes (internationally) and your formatted disk may not work as expected. Additionally DVD's purchased in the US could potentially not work on equipment at your intended destination.


Hardware Needs

If you plan to print out documentation in the duration of your visit copy it onto external media (e.g. DVD, CD, USB key). It is a much more convenient way to print documents in a business center (hotel/conference facility or similar) than connecting and configuring machines to reach network printers, or transporting a personal printer with you.

Invest in some form of physical locking device - a laptop security cable or similarly appropriate technology.

If you need to use your computer on one of the airlines, it may be a good idea to check ahead of time to see if the airline you are taking has the required power connections. (http://www.seatguru.com/ is one web site you can visit to get information.)

If you are traveling internationally, be aware of the different voltage requirements. Investigate and purchase a plug adapter to accommodate the type of electrical outlet used at your final destination.

Some international destinations only have dial-up (modem) access as an internet connection option, but most new laptops do not ship standard with a modem (remote dial-up port). There are numerous USB modem devices available for purchase as an add-on.

Power fluctuations in some travel destinations can cause serious damage to your equipment, look into the acquisition of a surge protector if there is a risk of danger.


While Traveling

If working with Personally Identifiable Information (PII) in a public place i.e. at a conference, be aware of your physical location as shoulder surfers (persons observing what you type) are a risk.

Disable infrared and or Bluetooth ports and any other features when not in use.

Do not leave your mobile device unattended in your hotel room, or at any time. If you are not using it, lock it away in your hotel safe, or if you do not have one, lock it away in your luggage. In some international destinations, laptops are a sign of wealth and could attract the attention of thieves. Limit the use of your device in public, where possible.

Before you return, be sure to transfer all sensitive data files that you created or copied and worked on while traveling back to your personal/ departmental file storage location (H, S or L drive), and then delete the files from your portable device. It may be a good idea to create a list of equipment before you leave and check it to make sure you're not leaving anything behind.

A lot of mobile devices come preinstalled/ packaged with all sorts of software or peripherals and on occasion you may not be entirely sure how they work. Good rule of thumb with anything of this nature not just software, if you are not using it does not need to be turned on or plugged in.

Using Public Computers

NEVER access any sensitive personally identifiable information (PII) or sensitive data on public computers.

Remember to close out and LOG out of all programs and applications before you leave the public computer.

Remove all disks and USB drives you may have inserted into the machine before you leave.


Things to consider upon returning

It is a recommended best practice to change your Hawk ID password upon your return. This is just in case someone was able to sniff, observe, or otherwise obtain it while you were traveling.

Run a full antivirus scan and spyware detection tool(s) on your portable device to ensure no malicious software infected it, before you reconnect it to your home or the UI network.

Check to ensure all removable media and documents you may have used on your trip are appropriately stored or destroyed.


Links

University Related

Accounts Payable, Purchasing and Travel
http://www.uiowa.edu/purchasing/travel/

Division of Sponsored Programs - Export Controls
https://research.uiowa.edu/dsp/export-controls-home

Encryption resources
http://helpdesk.its.uiowa.edu/encryption/resourcelist.htm

Identity Finder
http://its.uiowa.edu/apps2/support/identity/

Institutional Data Classification Guidelines
http://itsecurity.uiowa.edu/bestprac/InstData-Classification.shtml

Risk Management Insurance, and Loss Prevention
http://www.uiowa.edu/~fusrm/coverage.html

Self-Managed Computers
http://itsecurity.uiowa.edu/bestprac/self-managedcomputers.shtml

Software Download site
http://helpdesk.its.uiowa.edu/software

UI AnyConnect VPN Installation instructions
http://helpdesk.its.uiowa.edu/vpn

Policies

Export Control
https://research.uiowa.edu/dsp/policies-and-procedures

Institutional Data Access
http://cio.uiowa.edu/policy/policy-InstitutionalDataAccess.shtml

Travel
http://www.uiowa.edu/purchasing/travel/policy.htm

External

Customs and Border Patrol
COMPEX - http://www.cbp.gov/xp/cgov/travel/admissibility/labtop_inspect.xml

FBI - Safety and Security for the Business Professional Traveling Abroad
http://www.fbi.gov/about-us/investigate/counterintelligence/business-brochure

Send questions/comments to the Information Security and Policy Office
Phone: 319-335-6332
E-mail: it-security@uiowa.edu