Travel Internationally with Technology
This article applies to: Security & Policy, Students, Travel to Countries with Technological Restrictions Program
The Cornell IT Security Office (ITSO) recommends the following baseline precautions while traveling internationally. In the event your devices are lost, stolen, or altered while traveling, adhering to these precautions will reduce the risk to you and the University.
For questions about any of the recommendations listed here, please consult with your local IT support or the IT Security Office (email@example.com).
Pre-Travel: Start Preparing Weeks Before Leaving on an International Trip
Pre-register all international travel in the International Travel Registry.
Cornell Policy 8.5, requires all students, faculty, and staff traveling internationally on Cornell business to register in the International Travel Registry. Additional travel resources can be found at: Cornell Navigate: Travel Planning Resources, and for more information on travel to specific countries consult U.S. Passports & International Travel: Country Information.
Enable device encryption to protect your data on all devices (computers, tablets, mobile phones, etc.).
Confidential data must be encrypted if you travel with it. Enabling full disk encryption will protect all the information on your devices should they get lost or stolen.
Whenever possible, arrange to use loaner laptops and loaner handheld devices while traveling.
Work with your local IT support to see if they can provide a loaner device(s) for your trip. Certain parties may be eligible to utilize the Travel to Countries with Technological Restrictions Program loaner devices.
Bring only the data you need for your trip.
Where possible, limit the amount of data stored directly on your devices. Consider using cloud storage solutions found in the collaboration services section of the Regulated Data Chart.
Make sure all operating systems and applications are updated.
Consult with your local IT support or contact the IT Service Desk for assistance with how to apply updates.
Install and test Cornell's Virtual Private Network (VPN) Service.
Cornell's Virtual Private Network (VPN) ensures that everything you send to Cornell is encrypted as it goes over the network. It is recommend to test this service from off-campus prior to traveling.
Confirm you have recent backups of all your devices that will be traveling with you.
Backups will help with recovery should your device become lost or stolen. Consult with your local IT support to determine if your device has been recently backed up.
Only store passwords within password management applications.
Do not store any passwords on the device outside of password management applications designed to securely store and handle login credentials (username/password combinations). LastPass is available to all University community members.
Understand how to use two-step login when you travel outside the U.S.
Two-step login can still be used when outside of the U.S, but it may require some planning to ensure you have the appropriate device or codes to log into Cornell services.
Don't leave a device at home or work auto-logging in with your credentials.
The chances of having your NetID account locked are greater if you are connecting from multiple locations around the world. Don't leave devices powered on at home or at work that automatically connect to your Cornell email or other Cornell services.
While Traveling: How to protect your devices during your trip
Only connect to known and trusted networks.
Always manually select the specific network you want to join, only after confirming its name and origin with the provider. Turn off wireless and Bluetooth when not actively being used.
Utilize Cornell's Virtual Private Network (VPN) service.
Connecting to Cornell's VPN service will securely encrypt data you send to services hosted at Cornell.
Keep track of what credentials you use while traveling.
Whether you sign into personal or Cornell accounts while traveling, keep track of the services you've accessed. The IT Security Office strongly recommends that at a minimum you change these passwords when you return.
Do not leave your devices unattended or physically unsecured.
When possible, keep your devices nearby or on your person. If you need to leave a device behind secure them in hotel room safes or use physical cable locks.
Post-Travel: What to Do When You Return to Campus After Traveling Internationally
Using a trusted computer, change passwords for all services you accessed while away.
When changing passwords for services you accessed while away, remember to pick strong, complex passwords, and do not reuse the same password for multiple services.
If your device was lost, stolen, confiscated, or otherwise tampered with inform your local IT staff and the IT Security Office.
If the above precautions were taken, the level of risk from a device that is missing will be greatly reduced, but still inform your local IT support and the IT Security Office.