LETU IT KnowledgeBase

Child pages
  • International Travel with Technology

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Expand kb
titleRecommendations for International Travel


Warning

Status
colourRed
titleRED recommendations: for travelers visiting extremely sensitive destinations and/or using extremely sensitive data

Before your trip:

  • Contact LETU IT to discuss your trip and appropriate precautions to take with devices and data
  • Ensure you are configured to use MFA and confirm that it is operating correctly before you leave the US.
  • If you require the ability to use your LETU cell phone during your trip, contact LETU IT well in advance to ensure you are on an international cell phone plan before you leave
  • If traveling to a country which disallows encryption products, work with IT to prepare a “loaner” device

During your trip:

  • If you need to share data with fellow faculty/staff from your university, use encrypted flash drives to transfer data back and forth
  • Take a loaner "dumbphone" (no data storage) instead of your smartphone
  • Shut down devices when not in use (do not use sleep or hibernate features)
  • Keep your device(s) on your person at all times — remember that hotel safes may be compromised
  • Never use "shared" computers at a business center or kiosk, etc to access any LETU system (including email or TS1).

After your trip:

  • Erase and reformat the hard drive, especially on a loaner device
  • Wipe data from a temporary "dumbphone"


Note

Status
colourYellow
titleYELLOW recommendations: for travelers visiting moderately sensitive destinations or using moderately sensitive data

Before your trip:

  • Ensure your device is encrypted (if permitted by the nation to which you are traveling)
  • Password-lock auto-encrypts iPhones and Windows Phones; Android users should manually enable encryption
  • Laptops: Use BitLocker for hard drive encryption on Windows; use FileVault on Mac OS systems
  • "Sanitize" your laptop to remove any sensitive data
    • A product such as Identity Finder can assist this process
    • Only take data necessary for the specific trip
    • Consider taking a temporary device such as a loaner laptop or prepaid phone

During your trip:

  • When using shared Wi-Fi, stay connected to LETU's VPN.Do not avoid transmission of LETU data except through secure connections such as TS1/Remote Desktop Services.
  • Never use "shared" computers at a business center or kiosk, etc to access any LETU system (including TS1).

After your trip:

  • Consider changing passwords for all services/systems you used from overseas


Tip

Status
colourGreen
titleGREEN recommendations: baseline security for all travelers, foreign or domestic

Before your trip:

  • Ensure data is backed up on a server, drive, or other device NOT making the trip
  • Ensure your PC is patched and the antivirus software updated
  • Disable Bluetooth and Wi-Fi on your devices, and only turn them on when in use

During your trip:

  • Assume your data on any wireless network can be monitored, and act accordingly. Use a VPN TS1 whenever possible, especially while on public networks and /or always when accessing sensitive data
  • NEVER let anyone else borrow or use your devices
  • Do not borrow any devices (e.g. a USB drive) for use on your computer
  • Do not install any software on your PC
  • Be aware of "shoulder surfers" — anyone physically monitoring the use of your device
  • Keep your devices under your physical control or secured in a proper location when they are not. Never check devices or storage devices in luggage

After your trip:

  • Perform a full virus and malware scan


...

Expand kb
10
titleAppendix

Permitted Countries

The following countries have signed an agreement permitting an individual traveler to bring an encrypted laptop into the country under a "personal use" exemption, as long as the traveler does not create, enhance, share, sell or otherwise distribute the encryption technology while visiting.

  • Argentina
  • Australia
  • Austria
  • Belgium
  • Bulgaria
  • Canada
  • Croatia
  • Czech Republic
  • Denmark
  • Estonia
  • Finland
  • France
  • Germany
  • Greece
  • Hungary
  • Ireland
  • Italy
  • Japan
  • Latvia
  • Lithuania
  • Luxembourg
  • Malta
  • Netherlands
  • New Zealand
  • Norway
  • Poland
  • Portugal
  • Republic of Korea
  • Romania
  • Slovakia
  • Slovenia
  • South Africa
  • Spain
  • Sweden
  • Switzerland
  • Turkey
  • United Kingdom
  • United States

 


Restricted Countries


The following nations, including two Wassenaar signatories indicated by an asterisk (*), do not recognize a "personal use exemption".  Before traveling to these countries with an encrypted device, you will need to apply to their specified governmental agency for an import license:

  • Belarus - a license issued by the Belarus Ministry of Foreign Affairs or the State Center for Information Security of the Security Council is required
  • Burma (Myanmar) - a license is required, but licensing regime documentation is unavailable. Contact the US State Department for further information
  • China - a permit issued by the Beijing Office of State Encryption Administrative Bureau is required. You can either apply for the permit on your own, or contact our McAfee authorized distributor
    • In particular, the "Great Firewall of China" can pose an unpredictable and undocumented hindrance to travelers
  • Hungary - an International Import Certificate is required. Contact the US State Department for further information
  • Iran - a license issued by Iran's Supreme Council for Cultural Revolution is required
  • Israel - a license from the Director-General of the Ministry of Defense is required.  For information regarding applicable laws, policies and forms, please visit the following website:http://www.mod.gov.il/pages/encryption/preface.asp
  • Kazakhstan - a license issued by Kazakhstan's Licensing Commission of the Committee of National Security is required
  • Moldova - a license issued by Moldova's Ministry of National Security is required
  • Morocco - a license is required, but licensing regime documentation is unavailable. Contact the US State Department for further information
  • *Russia - licenses issued by both the Federal Security Service (Federal'naya Sluzhba Bezopasnosti - "FSB") and the Ministry of Economic Development and Trade are required. License applications should be submitted by an entity officially registered in Russia. This would normally be the company that is seeking to bring an encryption product into Russia
  • Saudi Arabia  - it has been reported that the use of encryption is generally banned, but research has provided inconsistent information.  Contact the US State Department for further information
  • Tunisia - a license isued by Tunisia's National Agency for Electronic Certification (ANCE) is required
  • *Ukraine - a license issued by the Department of Special Telecommunication Systems and Protection of Information of the Security Service of Ukraine (SBU) is required

Since laws can change at any time, please check with the US State Department before travelling internationally to ensure that you have the most up-to-date information.  Additional information about international encryption controls can be found at the following websites:

http://rechten.uvt.nl/koops/cryptolaw/index.htm

http://www.wassenaar.org/introduction/index.html

 


Embargoed Countries

  • Cuba
  • Iran
  • North Korea
  • Sudan
  • Syria

If you must travel to one of the five embargoed countries, you may be able to obtain the appropriate export license, but the process can take, on average, ninety days for review. The Department of Commerce’s Bureau of Industry and Security and the Office of Foreign Assets Control (OFAC) within Dept. of Treasury accept applications for licenses to export encryption products and technologies. If you cannot obtain an export license, see the section above entitled "What to do if you cannot satisfy encryption export or import control requirements."

...