You are here

Procedure for Preparing Your Technology for Travel

 

Effective Date/Issuing Authority

Effective Date: May 1, 2018
Last Review Date: December 12, 2019
Issuing Authority: Office of Information Security

Before You Travel

When you travel, it is important to take some proactive measures to ensure access to Temple resources and to protect sensitive/confidential data from falling into the wrong hands. Consider what would happen if your device was hacked into, inspected, confiscated, stolen or lost. 

Make sure that you are complying with regulations that cover certain types of research and other sensitive data. Employees should always start by securing their device(s) using the general security practices.  

  • Submit travel information.  University faculty, staff, and students are required to register their international travel plans when traveling for university-related purposes. Employees should use Concur. 
  • Contact the Help Desk (215)-204-8000 to verify whether your AccessNet password will expire during your trip. If it is slated to expire, reset the password a few days ahead of your pending travel to ensure that you don’t have authentication issues.
  • Set up remote.temple.edu access so that you can access your desktop or other Temple resources before you leave. For instructions, see the Remote Access Website.
  • Test the connection process before leaving.  If you need assistance, contact the Help Desk prior to departure.
  • Inventory your devices and data. It is important that you have an inventory of the data you are traveling with, in case your device is lost or stolen.  See Device Inventory Table at bottom.  
  • Securely back up data stored on your device(s) or media. Backed up data should be stored on media that will not be taken on the trip.
  • Always use screen lockout when not using your device. You should require a password or passcode to unlock it.
  • Review the travel registry site, which provides travel preparation tips and information about travel to high-risk countries.
  • Let the State Department know you are traveling.

Traveling to Embargoed or High-Security Risk Countries

The Treasury Department's Office of Foreign Asset Control (OFAC) administers and enforces economic sanctions imposed by the United States against foreign countries. Depending on the country, OFAC programs may freeze assets of embargoed countries, prohibit payment of funds to individuals and countries on the embargo list, or prohibit the provisioning of services to countries subject to US sanctions.  These sanctions may require obtaining OFAC approval before conducting research or other activities in or involving the sanctioned country.  Some sanctions are more restrictive than others, and apply to the whole country, while others specifically target certain individuals or entities within a country.  Please check the OFAC website for an updated list of Embargoed/High-Risk Countries: https://www.treasury.gov/resource-center/sanctions/Programs/Pages/Programs.aspx or https://en.wikipedia.org/wiki/United_States_sanctions

  • IT highly suggests taking loaner equipment. Ask your IT department for a loaner laptop or other devices. Limit the data on the loaner device to only the essentials. This is especially important if the country you are traveling to has encryption import restrictions that prevent you from encrypting data on your device. (See Use Caution When Traveling With Encryption Software.)  Please be aware that certain countries have export control regulations and that an encrypted device may be confiscated entering or leaving one of these countries.
  • Do not save confidential or sensitive personal information such as Social Security numbers, credit card numbers, or passport information on your device.  Make sure you have cleansed your devices.
  • Do not take any data protected by federal or state regulations or which might raise proprietary, ethical, or privacy concerns.
  • Turn Off Cloud Sync 
  • Leave behind any devices or media that are not absolutely necessary.
  • Clear your browser history and other such stored information that you would not want others to access (e.g., remembered accounts, password, credit cards).
  • Run a full scan for malware, using anti-virus and anti-spyware tools (e.g., Symantec Endpoint Protection). This serves as a baseline, ensuring that the system is clean of detectable malware prior to travel. 
  • Check for restrictions. Check to see if there are sanctions or local laws that will affect your access.
  • Blocked Applications or Websites: Be advised that some countries actively block many sites, including Gmail, Facebook, among other popular applications. You may run into problems using Temple resources while you are there. You can attempt to access our systems using remote.temple.edu, but be advised that some of our colleagues have encountered problems in embargoed countries where VPN software has been detected and blocked.
  • Use a secure Internet connection. Choose Internet connections with greater security whenever possible.
    - Avoid using free wireless services.
    - Avoid any wireless services without encryption (e.g., Open Wi-Fi).
    - Assume that any computer network you use is insecure, including those of friends you are staying with, in business centers, at cyber-cafes, or in libraries.
    - Turn off wireless and Bluetooth when you are not using them.
    - If you must use a shared or public computer, never enter or access sensitive/confidential data.
    - Never enter your ID and password on a machine that is not secure.  
    - Never accept software updates on hotel internet connections or other public Wi-Fi.
    - Be aware that some governments may copy data from your computer, log your internet activity and/or listen to your phone conversations without your knowledge or consent.
  • Always use screen lockout when not using your device. You should require a password or passcode to unlock it.
  • Keep your device with you and physically secured
    - Whenever possible, keep your devices close rather than leaving them behind in hotel rooms; if your hotel has a safe, use it.
    - Be discreet. For example, if possible, do not use an obvious laptop storage bag, as these may make you a more obvious target.
  • Use your web browser's private browsing or incognito features. Check your browser's Help for instructions. (e.g., Google Chrome: Ctl+Shift+N)
  • When you are not using your devices, turn them off.
  • Do not plug USB powered devices into public charging stations. Such stations can transfer malware to your device or download data from it. Instead, use your own charging cable to plug into an electrical outlet.
  • Do not accept USB thumb drives or other removable media from any source.
  • If an authority from another country wants to confiscate the device, give it to them, do not put yourself at risk. 
  • If your device is lost, stolen or confiscated, report it as an IT security incident or call the Help Desk (1-215-204-8000).
    - Faculty, staff, and researchers traveling abroad are required to report suspected or actual breaches or compromises of confidential or sensitive university data immediately. This includes incidents that involve loss, theft, or breach of personally-owned devices that store or handle confidential or sensitive data.
    - Contact local authorities or US Embassy to report the loss, theft or confiscation.
  • Researchers, please contact the Export Compliance team, at OVPR@temple.edu, for an export review, if you will be carrying tangible items like equipment, samples, prototypes, controlled or proprietary research data, etc.
    - Agencies and other entities that fund your work may require advance approval and/or disclosure of foreign travel or domestic travel sponsored by foreign entities. Check the requirements associated with your specific funding source.
    - Regardless of research or activity, contact the Export Compliance team if you are traveling to any “at-risk” or embargoed countries. Embargoed countries will always require export review and license prior to travel.
    - The Office of Foreign Assets Control (OFAC) is responsible for administering and enforcing US economic and trade sanctions and embargoes that target specific geographic regions and governments. Please see the " Sanctions Programs and Country Information" page, which can be found on OFAC's website for more information on specific programs.
    - Should you have any questions, please contact Michael.Henderson@temple.edu or OVPR@temple.edu.

When You Get Back

Be aware that criminals may be far more interested in the confidential or sensitive data you have access to than any data you may have carried with you. Without your knowledge, someone may have hacked into your computer or other devices or stolen your password. Upon returning:

  • Consider re-imaging your device. If you have visited an embargoed or other high-security risk countries, IT recommends that you re-image the devices you have taken. Your IT support group can assist you with this process.
  • Do not plug in your device to download your photos before having your device scanned.  
  • Change your AccessNet password immediately.
  • Scan and clean your device. Run a full in-depth scan for malware, using anti-virus and anti-spyware tools. If any malware infections are detected, follow the remediation steps recommended by the antivirus tool.

Devices Inventory

Device — Make Model Serial Number
Example: Dell Latitude 7400 2-n-1 20169064578
Example: iPhone X X01X23Y4XYXY
     
     
     

Make a copy of this inventory to leave back in your office. Also, submit an additional copy to the Office of Research Compliance.

Questions

If you have any questions, please contact the Help Desk through the tuhelp.temple.edu website or call (215)-204-8000.