Travel Advice for International Travelers
International travel, including destinations in the United States, present unique risks compared to domestic travel. It is highly recommended to read the following advice, especially if traveling to locations known for active cybercriminal communities or where surveillance is prevalent. The differences in legal statutes between nations and the process of crossing international borders can often render typical security controls for protecting sensitive data ineffective.
Device Security
Laptops, tablets, e-book readers, smartphones, and even regular cell phones may be successfully attacked and compromised via malware or automated attack tools. Commercially available security software, even when completely up to date, may not prevent such compromises. Always maintain the most recent version of all operating system and application patches on your devices. See more information about security features on mobile devices like smartphones and tablets.
Theft and Loss
The increased chance of losing or having your portable device stolen while traveling means you should ensure you do not have the only copy of important information on the portable device. Regularly copy any information generated or collected during your trip to a secure location like your Saint Mary’s OneDrive or SharePoint site. If your device is lost or stolen, minimize the amount of information that can potentially be disclosed or needs to be reported. Before traveling, reduce the information contained on the devices you will bring by moving data not associated with the trip to a secure location on your office computer or a network share. Contact the EIT Help Desk as soon as possible to report any missing devices. EIT may be able to remotely locate, recover or wipe a device depending on whether it supports that function. However, this will only work while the battery of the device is still charged, once the device is powered off, it will no longer be reachable remotely.
Encryption
Managed SMU laptops are encrypted to protect the information contained on the laptop from being accessed in the event of loss or theft. However, some countries have regulations restricting the use of encryption, including China. EIT recommends using a clean device when traveling to countries with limited or no data stored on the device itself and any managed SMU laptops should have the Zscaler client installed for an extra layer of Internet protection. The Zscaler client is also available for iOS and Android devices from the respective app stores.
Clean Device
Consideration should be given to using a clean device for the duration of the trip and minimize the information contained on the device. Please contact EIT at least 10 days prior to travel, to inquire about the possibility of a clean temporary device (laptop) or assistance with getting your current device to a clean state prior to travel. Temporary device inventory is limited and may not be available. Upon your return, print or transfer any files changed or created on the trip and wipe the device completely or restore it to the factory default.
Passwords
Some countries have laws that may compel travelers to provide passwords, PINs, or biometric access (fingerprint, facial recognition) to their devices upon request by border or law enforcement officials. Refusal to provide this information can potentially lead to device confiscation, detention, or other penalties. International customs officials may search laptops and other devices when a traveler crosses into their country and may retain the device for further analysis if a traveler refuses to unlock the system. If prompted to surrender your password or device to a law enforcement official, please do so. Your health and safety should never be at risk.
Kiosks and Public Wi-Fi
Never trust public Wi-Fi and consider the use of a Virtual Private Network (VPN) client on your device if available. A VPN connection will encrypt your transmission and ensure it remains confidential when traversing the public network.
If your device automatically checks your email, consider disabling that feature for the duration of your trip and instead monitor your email via the web portal. Avoid accessing University resources or e-Commerce sites on public or shared resources such as Wi-Fi or kiosks.
Additional Points
- Avoid free USB charging stations as they may be utilized to access information on your device.
- Use privacy screens on laptops to avoid shoulder-surfing.
- Ensure your device is up to date with security patches and antivirus updates before you travel.
- Cover cameras and microphones on laptops to deter unwanted access if compromised.
- Disable Wi-Fi, Bluetooth, NFC, and GPS when not in use to limit unauthorized access to your device or data.
- Turn devices off when not in use rather than using hibernate or sleep modes.
- Never access USB devices from untrusted sources as they may expose your device to malware.
- Do not allow your browser to store usernames and passwords; regularly clear your browser history during travel.
- Attempts to circumvent national censorship may be blocked and/or punished if noticed.
- Use RF shielded wallets for touch-to-pay banking cards and Canadian passports.
- Contact the EIT Help Desk before traveling with cellular devices for cost-effective travel packages to control international data charges.
Additional Travel Guidance
Several recent changes to U.S. travel entry requirements have been noted. The Government of Canada updated its travel advice, cautioning Canadians and other foreign nationals visiting the U.S. for over 30 days to register their trips with the U.S. government. Failure to comply with the registration requirement could result in penalties, fines, and misdemeanor prosecution. The U.S. State Department also recently eliminated the gender X identifier option on U.S. passports. If you have the gender designation X on your passport, or you have changed your gender, it is recommended that you contact the U.S. Embassy in Canada prior to travel for guidance on how to proceed. Travelers are advised to consult the U.S. Citizenship and Immigration Services (USCIS) website to determine if they need to register with USCIS and for assistance in how to register.
SMU community members are advised to protect their data by ensuring their devices don’t contain sensitive academic information and changing passwords if they are provided to customs. Exercise caution when traveling and a reminder that customs officers have the right to inspect electronic devices upon entering an international country.