International Travel Digital Security Guidance

DO:

• Pre-register all international travel with the LMU International Travel Registry. LMU requires all students, faculty, and staff traveling internationally on LMU business to register in the International Travel Registry. Additional travel resources can be found on the International Travel website. For more information on travel to specific countries, consult U.S. Passports & International Travel: Country Information.

• Consider the data and devices you will need to access while traveling, as well as the data you will acquire or generate (including research data) during your trip.

• Leave sensitive data secured on Box or LMU servers.

• Password-protect all laptops and mobile devices with strong passphrases.

• Contact ITS and request that they inspect your devices to ensure they are password-protected using strong passphrases, that antivirus software is installed, active, and up to date, and that full-disk encryption on laptops and removable media is enabled.

• Check out an LMU loaner laptop for travel. Check it out at least two weeks before departure and test it to ensure your productivity is not interrupted. OR, if feasible, use a “clean” device and a new email account while traveling. If not possible, sanitize your laptop or tablet to ensure no LMU, research, or personal data is on it.

• Remove nonessential data from mobile devices, including contacts and research files. Disconnect your devices from cloud storage services and social media accounts.

• Notify ITS if you are traveling abroad so we can protect your accounts or devices.

• Sign up for a VPN account to securely access LMU resources. Access data remotely only through secured communications (VPN, HTTPS).

• Enable remote tracking and wiping to track the device’s location and remotely wipe it if it is not recoverable.

• Confirm that you have recent backups of all your devices that are traveling with you. Backups will help with recovery should your device become lost, stolen, or damaged. Consult with the ITS Service Desk if you need assistance with taking backups.


DON'T: 

• Take devices or information you don’t need, including sensitive contact information. Consider the consequences if your device(s) or information were lost, stolen, or searched.

• Store sensitive data on local drives or external media.

DO:

• Travel with as little data and as few devices as possible.

• Avoid unnecessarily displaying your device(s), as it can attract unwanted attention. Use printed boarding passes when possible and keep your devices stored out of sight. At ports of entry, your device(s) may be searched, and content, including deleted items, metadata, and files, may be downloaded for inspection. Know your rights!

• Set Wi-Fi and Bluetooth to non-discoverable mode or shut your device(s)off.

• Maintain Physical Security: While traveling, never leave your device(s) unattended in public places, such as airports, hotels, or conference venues. Carry your device(s) with you or store it securely in a locked bag or hotel safe.

• Be Wary of Phishing Attempts: Stay vigilant against phishing emails or suspicious links by email, phone, or text. Exercise caution when accessing your email, conducting online transactions, opening attachments, or clicking on unfamiliar links, as they may contain malware or lead to fraudulent websites.

• Minimize electronic transmissions; All information you send electronically by fax machine, computer, or mobile phone can be intercepted, read, deleted, and modified. Wireless devices are especially vulnerable.

• Be cautious of charging stations. Public charging stations can be used for ‘juice jacking,’ where data is extracted through USB charging ports. Instead, use your own charger and plug it into a power outlet.

• Remote Tracking: If you’ve enabled remote tracking and your device is lost, you may track its location and report this information to the local authorities. Do not attempt to recover the device yourself.

• Remote Wiping: If you’ve enabled remote wiping, use this feature to erase your data if you believe your lost device cannot be recovered.

• Decline USB drives; if they are used, treat them as compromised and decline them. Have the information sent to you via other means, such as email.

DON'T:

• Don't accept USB Drives: Decline USB drives; if they are used, treat them as compromised and decline them. Have the information sent to you via other means, such as email.

• Don't attempt to recover a lost or stolen device yourself, even if remote tracking is enabled. Always report the location to local authorities instead.

Report Security Incidents: If your device is lost or stolen, or if you suspect any security breaches or encounter suspicious activities on your device while traveling, promptly report them to the LMU ITS Service Desk:

• ITS Service Desk Online Portal.
• Phone: 310.338.7777
• On campus, x87777
  
  Immediate action can help mitigate potential risks and protect the LMU network and data.