Staying Secure During Travel

Traveling with digital devices, including laptops, cell phones, smartphones, or tablets, is often necessary in order to stay connected while you are away from the office or home. Connecting to the Internet, checking email over a wireless network, even making phone calls with a smartphone are all day-to-day tasks on the road that can make your personal information, the University’s data, and your physical devices vulnerable.

Keep in mind, the hardest decision may also be the safest—if a device isn't absolutely required for your trip, leave it at home.

To keep information and devices secure from hacking, malicious software, or theft, here are several tips and best practices to keep in mind whether your travel takes you to the other side of the city or the other side of the world.

Physical Device Security

  • If you must bring a device with you, look into a low-cost or loaner tablet or netbook only to access the Internet and NU resources, including email, instead of taking your daily personal devices. Loaner devices can easily be wiped after a trip, and can be shared among team members as needed. Skype or Google Voice can be used to make phone calls from a loaner tablet or laptop.
  • Portable equipment, such as phones, laptops, flash drives, CDs, PDAs, etc. are especially vulnerable to theft and loss while traveling. They should be kept secure and locked when unattended.
  • Avoid using checked bags for transporting electronic devices.
  • Be wary of devices, such as thumb drives, you may be receive as gifts.  They could contain malware.

Network Security

  • Connect securely to University resources using Northwestern VPN on your laptop, smartphone, or tablet. You can also connect securely by using the eduroam network at participating institutions.
  • Be sure antivirus software is current and performing regular scans.
  • Assume that any networks or devices other than your own are insecure, including libraries, cafes, hotels, conference centers, etc.
  • Do not enter sensitive information (credit cards, bank accounts, passwords, online shopping) while connected to wireless hotspots or other unsecured networks.
  • Don’t install any software updates or patches while you're away from a known, secure network—updates could be malware in disguise.
  • Be sure to disable broadcast services including Bluetooth, WiFi, and GPS if they are not needed. These services can be used to potentially launch attacks against your device, and can be used to locate and introduce malware.

Data Security

  • Set secure passwords, codes, or screen locks for all devices so information can’t easily be accessed if the device is lost or stolen.
  • Create new passwords on accounts you will need to access before you leave, and change those passwords when you get back. Avoid accessing banking or other financial sites during your trip when possible.
  • Be sure to back up your data to a secure location, in addition to regularly scheduled backups.
  • Use encryption to protect sensitive data in case your device is lost or stolen. For information on encryption during international travel, see below.
  • Consider taking only the information which you will present or discuss at a conference or other event.
  • Keep your data only on a University server and access it only through a secure VPN connection. Alternatively, store documents in the cloud with services like Google Docs, DropBox, etc., to facilitate sharing and collaboration without exposing all information to compromise. 
  • If you have sensitive intellectual property that might have research or commercial value, avoid bringing it. Do not copy sensitive information onto a computer that has been overseas and has not been wiped upon return.
  • Be aware that your belongings maybe searched multiple times and electronic media copied.

Note for International Travel
Information, technology, software, and equipment may be subject to U.S. export control laws. Several countries are subject to US embargoes, and the shipment or transfer of items or information to such countries may be severely limited, if not outright banned. Please refer to the University’s Office for Export Controls Compliance website for further guidance, and contact that Office’s Director if you have any questions or concerns.

Additional Information

Support Contacts

Support Contact:

NUIT Information and Systems Security/Compliance

security@northwestern.edu