Recommendations for International Travel- Plan ahead to protect your data while traveling abroad

Summary

Business Trip abroad? Planning a vacation in another country? Here are some cybersecurity tips to keep your accounts, data, and devices secure while travelling.

Body

When planning international travel — whether for Cambrian business or personal time — it's important to consider how you can securely access information from your devices. This guide summarizes best practices to ensure your data is protected before, during, and when you return from your travel abroad.

While we try to offer recommendations around device security and data protection, it is your responsibility to do the necessary due-diligence and research everything about the country you plan to visit.

Potential Risk

Theft of data, including proprietary research, patient data, personally identifiable information, etc.
Theft of information resources including laptops, smart phones, tablets, flash drives, etc.
Physical damage to devices as the result of accidents.
Political unrest, natural disasters, health concerns (epidemic) in the host country.
Exposure to vulnerable and poorly secured public WiFi networks such as hotels, airports, restaurants, coffee shops, etc.
Risk due to unfavorable international data protection/security regulations, e.g., the use of encryption software.

Before you travel

For personal travel, do not carry your Cambrian college device during travel if you do not plan to access college resources.

In case of business travel, please note the below steps to keep devices secure and your data protected.

Travel Lean- Take minimum devices required- laptop, mobile, ipad etc
Get Authorization - If you are carrying departmental data on your device, ensure that you have authorization to take the data off‐site.
Notify Information Technology Department - In order to provide better assistance, please note the below-
- Short Duration Remote Work out of Province / Canada (1 – 30 days) needs to be approved by Dean/Director Level. (Remote Work Assessment and Approval Operating Procedure)
- Notify the Information Technology department prior to travel by submitting a ticket under Service - Prepare to Travel Abroad
- Even with our best support, some resources are restricted in certain countries by the vendor. Refer to the below knowledge base article to determine the availability before travel- Accessing Cambrian College Technology Resources while Traveling (Outside Canada)
Update your Software -
- For Corporate device - Make sure you restart you device before travel , to ensure it gets all the updates.
- For Personal device - Apply all available updates to your computer and phone before departure. This includes ant-virus/anti-malware, operating systems, and applications.
Test your Virtual Private Network (VPN) - A VPN connection on your corporate laptop replicates the connectivity you would experience when working on campus. Before starting applications such as Outlook ensure that you are first connected to the VPN via the Cisco AnyConnect Security Mobility Client. Be sure to connect your network drives before you get down to business.
Data Security - Remove any documents containing sensitive/ personal/ health or financial information from your device. Make sure you have saved all necessary files on Department shared drives (S:) or your Cambrian One Drive.
Backup your Data - Backup your data to a device and store it securely – assume that all data you bring will be lost.

While you travel

Dos

Be aware of your surroundings. Watch for those looking over your shoulder or potential thieves.
Disable broadcast services like Wi-Fi access points, Bluetooth devices, and GPS (location services) when not needed.
Use private browsing whenever possible (Chrome, Firefox, Safari, Edge).
Use VPN access whenever possible.
Report incidents if you believe that your device or confidential information may have been compromised.
If your device(s) are lost or stolen, notify Cambrian IT Service desk right away.

Don'ts

Do not plug your phone into charger kiosks. There may be a hostile computer on the other end of that innocent-looking wire.
Avoid using public workstations as they cannot be trusted. Assume that anything that you enter into the system may be captured and used.
Do not leave your devices unattended. Even hotel safes are not secure.
Don’t connect to unknown resources like Wi-Fi access points and Bluetooth devices.

When you return

Devices used abroad have a high potential to be compromised. Take safety measures such as changing passwords when you return if you observe any signs of abnormal activity.
Run antivirus scans on your corporate and personal devices. Follow the instructions here for your corporate device.
If your corporate/ personal credit card was used while traveling, check your bank statements for any discrepancies.

High-risk cybersecurity & privacy countries

Canadian government has identified pervasive threats to information security from certain countries deemed “high risk.” If you're traveling to the following high-risk locations, be aware that there is no presumption of privacy. This means that you should assume all data is accessible by local government and non-governmental actors and that information can be compromised.

High Risk Countries

Afghanistan*
Algeria
Belarus*
Burkina Faso*
Cambodia
Central African Republic*
China
Cuba
Eritrea
Ethiopia
Guinea
Haiti*
Hong Kong
Iran*
Iraq*
Israel, the West Bank and the Gaza Strip
Lebanon*
Liberia
Libya*
Mali*
Myanmar*
Niger*
North Korea*
Papua New Guinea
Russia*
Sierra Leone
Somalia*
South Sudan*
Sudan*
Syria*
Ukraine/Crimea and Donbas Regions*
Venezuela*
Yemen

*Travel to these countries has been flagged as "Avoid All Travel" as per the Government of Canada - Travel advice and advisories.

For more information please visit Cyber security while traveling by Government of Canada.

Details

Article ID: 8628

Created

Wed 1/31/24 3:45 PM

Modified

Mon 3/3/25 4:27 PM