Technology Recommendations for Traveling Abroad
International travel presents many new risks to your mobile devices and personal online information. Many cyber attackers are hoping to take advantage of your devices while you’re on the go in unfamiliar environments. Many countries outside of the U.S. have different security and privacy laws. In many cases, your privacy isn’t as protected as it would be in the U.S., but following some basic recommendations, you can avoid becoming a victim of information theft.
Before You Leave
- Research cyber risks for the countries you’ll be visiting. Be aware of their respective laws regarding data privacy and protection. In some countries, you may not have the privacy you’re used to in the U.S. In some countries, it may be perfectly legal to view and collect your online activity and history. There are also cases where hotel staff may have access to the safe in your hotel room. Check here for Travel Advisories from the U.S. Department of State.
- Create backups for the devices you’ll be traveling with. In case of theft or your device is compromised, you will still have the data and programs you had before traveling.
- Install and update your devices’ anti-virus, anti-malware/spyware, and OS security updates. Download antivirus protection from Fordham here.
- Encrypt your devices. Contact the IT Service Desk to schedule the encryption of your device(s).
- Use hard-to-guess passwords.
- Have your own portable charger and country-specific plug adapters. Use unique or specially marked USB cables to avoid swapping them for decoys that may have malicious payloads.
Use loaner devices for traveling. Consider using low-cost loaner devices in lieu of more expensive and valuable devices.
- Have a temporary international cell phone plan. Look up your cell phone provider’s policies and international data plans to see if there’s an economical option to avoid being charged for roaming and not exclusively rely on public WiFi.
- Avoid divulging details about your trip on social media. Do not disclose where you will be lodging and refrain from sharing your trip itinerary.
- Know that Customs and Border officials may search your devices and copy the data. They also may also keep any information after copying it. See here for a report on Customs and Border Protection imaging people’s devices.
- Obtain RFID shield containers for your RFID-enabled ID and bank cards. Only bring the necessary cards with you. Leave behind cards that you know you will not be using.
- Enable and configure Multi-Factor Authentication (MFA) for your apps and online services. Most services such as Gmail, LinkedIn, Facebook, and most online banking platforms have several MFA options.
While You're Traveling
- Keep track of your devices at all times. Never leave a device unattended and always put them away when not in use to avoid theft.
- Avoid using public WiFi. Assume these networks are insecure and vulnerable to attacks. Use your cellular provider’s data plan if available.
- Refrain from using charging stations at airports and cafés. These stations may have been tampered with and can deliver malicious payloads to your devices through USB connections. Use your own charging devices and cables.
- Avoid using public computers, such as those in hotel business centers, as they may have installed malware and keyloggers (which track everything you type).
- Disable wireless broadcast services like WiFi auto-connect and Bluetooth device discovery. Turn off Bluetooth features unless absolutely necessary. Also, turn off any file sharing settings for your devices, such as AirDrop for iPhones.
- Use a VPN for visiting information-sensitive websites like banking and work. Be aware that some countries may prohibit or throttle the use of VPNs. Contact the IT Service Desk for information on how to use Fordham’s VPN.
- Do not download and install security updates and patches through untrusted and unfamiliar networks.
- Report any stolen devices to your native embassy, local authorities, and cell phone carrier where applicable. If you do retrieve your stolen devices, assume they have been tampered with and do not use them until they are wiped or reviewed by a security professional.
When You Return
- Scan your devices for viruses and malware when getting back. If anything malicious does show up and you require assistance, contact the IT Service Desk at (718) 817-3999 or via email to: [email protected].
- Consider wiping your devices and restoring them with backups. For assistance, contact the IT Service Desk.
- Carefully review banking statements to see any suspicious or fraudulent charges. Contact your bank or credit card company to dispute any claims.
- If needed, change passwords from a trusted computer. If you observe or suspect any unusual activity with any accounts, you accessed while you were traveling, log into a known and trusted computer to change your passwords.