Best Practices for International Travel

International travel presents additional risks related to the theft of sensitive data and exposure to malware that can be harmful while traveling and upon your return.

BEFORE LEAVING

  • If you access sensitive data from your campus issued laptop, we recommend you request a loaner device when traveling. Please contact the IT HelpDesk to request a loaner device
  • Make sure the Duo app is installed on the mobile devices you will be using while traveling. Please note that there may be restrictions depending on the country you are traveling to. Please check the DUO support siteOpens in new window .
  • Users with an IP address from OFAC regulated countries and regions will be unable to access Zoom services.  To comply with economic and trade sanctions enforced by the U.S. Office of Foreign Assets Control, Duo and Zoom have announced that they are no longer offering their services to users whose IP addresses belong to an OFAC restricted country or region.  For more information on Zoom restrictions, visit the Zoom support websiteOpens in new window .
  • If you are not using the mobile app, contact the IT HelpDesk and request a token
  • Test your Duo authentication with the devices you will be taking with you
  • Backup your data. Level 2 and 3 data can be stored in Dropbox. Please contact IT Helpdesk if you need to backup Level 1 data.
  • Install and configure GlobalProtect, the campus VPN software. If you do not currently have that you can request GlobalProtect . To protect against eavesdroppers on networks during your trip, install and configure GlobalProtect to utilize full tunneling. The url for full tunneling is gpft.fullerton.edu
  • Ensure antivirus, security patches, and firewall are enabled and up to date
  • Remove all sensitive data and any information that is not needed
  • Check for Import restrictions on encryption software
    • Encryption software is a very useful tool to strengthen the protection of your data. However, many foreign countries do not permit encryption software to be imported or used without prior approval. For example, China requires international travelers to apply for a license to use encryption software before arrival. To learn more about background information and details of import restrictions on encryption software, follow the links below to external websites:
    • Wikipedia article discussing restrictions on encryption software importOpens in new window
    • Crypto Law SurveyOpens in new window website with a list of countries and their respective encryption software import restrictions.
    • If you are not able to use encryption software at your destination, it is strongly recommended to leave your data and device at home, and bringing a loaner device instead. If your information is sensitive and it is illegal to secure your devices/data and communication, contact the Information Security office (iso@fullerton.edu) for advice.
  • Please be aware that Canvas is inaccessible from countries & regionsOpens in new window that are embargoed by United States regulations.  

WHILE TRAVELING

  • Use VPN to access CSUF resources
  • Do not plug in untrusted accessories (flash drives, charging cables, memory cards)
  • Do not join networks automatically; turn off wireless, Bluetooth, and GPS when not being used
  • Assume Wi-Fi is insecure, utilize VPN and Eduroam when possible. Check for Eduroam availabilityOpens in new window .
  • Practice safe web browsing. The websites you visit online hold valuable data about you. They are also becoming gateways thru which hackers can steal your data by infecting reputable or seemingly reputable websites with malware. This threat is magnified during foreign travel as you connect to public networks in hotels, airports, cafes, etc at your destination. To protect yourself while browsing websites abroad,
    • Connect to HTTPS websites. Before sending or receiving any sensitive information, make sure the internet address(URL) in the web browser starts with HTTPS.
    • If your browser displays an error about the digital certificate used to encrypt the data, i.e. that it cannot verify the identity of the HTTPS website, you should assume the site is fake, compromised or the web traffic is being intercepted. Stop connecting to the website and try it from another location.
    • Do not click on suspicious links or prompts. Malicious websites commonly craft attacks to exploit a user’s curiosity, impatience or to scare them with malware threats. These malicious attacks might come in the form of links or pop-ups that present free offers too good to be true or imminent malware infection if you don’t install the product. Think before you click a link or “Yes” to a prompt.
    • Clear browser cache if you used devices that do not belong to you. Some web applications do not log you out entirely, even when clicking the logout button or closing the browser. Such behavior allows the next person who uses the device to browse to the same page or click the back button to access your data as if you are still logged in. To prevent others from accessing your account and data, clear all the web browser session information.

UPON RETURN

  • Avoid immediately connecting to personal or business networks
  • If you traveled with your campus issued laptop, contact the IT Helpdesk for assistance in scanning for vulnerabilities.
  • If you had a loaner device, return it to IT Helpdesk. The loaner device will be wiped and reinstalled.
  • Change the passwords for all accounts used during your travel