International Travel Tips

Review the Export Control Website
An export control screening is required for WVU Personnel on international travel related to WVU business or personal travel to embargoed countries with WVU-owned equipment or access to WVU networks. More information can be found at http://exportcontrol.wvu.edu

Take a ‘Clean’ Laptop and Phone
If you can, take a device with just the files and applications you will need while traveling. Make sure all software is fully up to date and appropriate security software is installed and activated. Take a prepaid cellphone with only the contact information you will need. Cover laptop cameras when not in use.
Assume that any and all information on your computer, tablet and cell phone will be compromised.

Use Encryption
Apply a full disk encryption solution such as BitLocker, FileVault or TrueCrypt. Do not take the encryption keys/recovery disks with you. Encryption provides substantial protection should your laptop, smartphone, or other mobile device become lost or stolen. Be aware that some countries have encryption import restrictions that prevent you from encrypting data on your device.

Change Your Passwords
Change any passwords that you expect to use while traveling. Change the passwords again from a trusted device upon your return.

Use a Temporary Mail Account
If possible, use a temporary mail account through a service such as Gmail, Outlook.com, or Yahoo. If the service supports two-factor authentication, please take advantage of the stronger authentication. Don’t email sensitive information from any device.

Maintain Control of Your Devices
Use strong passwords on all devices. Keep electronic devices on your person or locked up when travelling. Electronic devices are often targeted for theft.

Disable Unused Services
Disable Bluetooth, Wi-Fi, GPS, etc when not in use to limit avenues of unauthorized access to your device(s).

Internet Access
Public/Hotel networks may be monitored. In some countries, all Internet traffic may be monitored. Assume your Internet traffic is not private.

Removable Media
Do not accept USB drives, SD cards, CDs/DVDs, or other removable media. Do not use any removable media that you’ve found. Such devices may contain malware. If you connect your USB drive, SD card or external drive in another individuals computer (e.g. for a presentation), consider it compromised and don’t reconnect it to your computer.

Public Charging Stations
Do not use USB-based public battery charging stations. The USB interface to your device may be used to deliver more than just power.

Wipe Devices When You Return
Treat devices as if they’ve been fully compromised. Upon your return, do not connect the device to any network. Have your IT department remove important data and wipe/reset electronic devices.