Information Technology Services > Office of Information Security and Assurance > Electronic Device Security Tips for International Travel

Electronic Device Security Tips for International Travel

Personal privacy is not respected in many nations. Unlike the United States, most other
countries do not have legal restrictions against technical surveillance. State government
employees are a potential high valued target for surveillance. Hotel rooms, meeting rooms,
rental cars, taxis, and even commercial airlines may be subject to video and audio
surveillance, along with other advanced monitoring techniques of electronic devices.
Conversations may be monitored, and local colleagues may be required to report
conversations held with foreigners. Travelers should assume that all activity will be
monitored, and any information accessed may be exposed. STEM faculty and staff should
be particularly vigilant.

The following tips have been compiled through various trusted sources in order to aid in
awareness of threats and to counteract threat actors. Following these tips will reduce but not
eliminate risk associated with the loss of confidentiality, integrity, and/or availability of
Washington State University information and information systems along with personal loss of
privacy.

Prior to Departure

  • Obtain pre-travel country risk assessments for the country(s) from the State
  • Department, and/or the FBI. There may be specific issues to be aware of and
  • prepare for to ensure safety and peace of mind.
  • Review any guidelines or laws related to electronics for the country visiting
    and verify all web sites/cloud services needed can be accessed while
    traveling – http://travel.state.gov/content/passports/en/country.html.
  • Identify electronic equipment needed to include any accessories such as
    cables, power adapters, and converters – If the device is not essential, Do
    Not Take It!
  • If feasible, use a “clean” laptop, phone and new email account while traveling.
  • Sanitize all devices. Cell phones can be hacked to steal contact lists,
    usernames, passwords, and browser history. Contact IT support to aid in
    backing up and the subsequent purging/wiping of all data on the devices or
    substitute another piece of equipment that does not contain data.
  • Remove apps requiring user accounts and passwords that are not necessary.
  • Identify any data, internet access, or cloud access needed. Assume all
    information accessed while traveling will be compromised.
  • Make an inventory of all devices that will be taken on the trip, including serial
    number, make, and model. Store it in a safe place with other key information
    (1 copy at home and 1 with you).
  • Accessories are routinely swapped for those with surveillance capabilities.
  • Leave Bluetooth earpieces and keyboards at home and turn off devices’
    Bluetooth function, which can enable eavesdropping.
  • Lock devices with a PIN or strong password (a combination of upper and
    lowercase letters, numbers and symbols).
  • Utilize whole disk encryption to protect stored data.
  • Disable file sharing on computers.
  • Patch, update and secure device (antivirus, antispyware, firewalls, encryption,
    VPN)
  • Cover or disable any integrated camera and disable integrated microphones.
  • Create temporary accounts with strong passwords and do not use any of the
    passwords tied to current US accounts, including voice mail passwords.
  • Leave unneeded car keys, house keys, smart cards, credit cards, swipe cards, and
    access control devices at home.

During Travel

  • Always carry electronics in carry-on luggage and keep in possession at all times.
  • Keep devices in sight at all times and be aware of surroundings. Consider the
    use of a privacy screen to prevent shoulder surfing.
  • Turn off geolocation services.
  • Set email to retrieve manually and only download necessary email on trusted
    connections.
  • Use a Virtual Private Network at all times when accessing Internet services.
  • Never use public Wi-Fi, cyber cafés, or other people’s devices to access
    information electronically.
  • Do not allow other people’s electronic storage devices to connect to your
    device and do not connect to their devices.
  • Do not use any USB drives given to you. Always assume the device is
    compromised.
  • Do not post to social media.
  • Accept that any information accessed will be exposed.
  • Turn off devices when not in use.
  • Respectfully but firmly decline to let customs officers take devices to another
    room to inspect them without you.
  • Report any lost or stolen equipment immediately to the local US Embassy or
    Consulate and your IT staff.
  • Beware of phishing or other social engineering attempts.

Upon Return

  • Scan all data for viruses prior to copying it to another device.
  • Wipe or format any electronic equipment immediately (treat as a
    compromised device).
  • Consider destroying and replacing all SIM cards, depending on where you
    had traveled.
  • Change all passwords used during travel and delete any temporary accounts
    used.
  • Clear temporary internet files.
  • Beware of any unexpected contacts from foreigners after your return.
  • Report any unusual contact or circumstances to your IT security staff.

Compliance shall be evidenced by enterprise distribution of the Electronic Device Security
Tips for International Travel as described above and personnel traveling internationally are
made aware of the contents contained therein.

Whereas, the Electronic Device Security Tips for International Travel is not a policy
document and compliance with its contents is not a requirement but is viewed as strongly
recommended for personnel assigned to international travel on official Washington State
University business. Moreover, awareness and adherence to its contents constitutes
appropriate duty-of-care and expresses due diligence.

Information Technology Services is exploring the possibility of offering a loaner laptop
service to aid faculty and staff who are traveling internationally on Washington State
University business.

The recommendations outlined in this document are equally applicable for personal travel.
WSU employees can find more information on foreign travel at:
International Travel Risk Management information

International Travel and Export Control

Faculty, staff and students will likely, at one time or another, intersect with federal
regulations that impose access, dissemination or participation restrictions on the transfer of
items and information regulated for reasons of national security, foreign policy, anti-terrorism
or non-proliferation. Please refer to the guidelines provided by WSU Office of Research
Support Operations at the link: WSU Export Control Regulations