|If you are scheduled to travel outside of the United States, please review the information below, especially if traveling to high-risk countries with restrictions on the internet and personal devices.|
From University of Rhode Island:
- U.S. travelers are believed to be priority targets for cyber attack and monitoring/surveillance, particularly if they are known to be engaged in classified or proprietary research in a STEM (science, technology, engineering and mathematics) discipline. Institutional leaders, those who are politically or religiously active, fluent speakers of the local language and individual tourists may also be actively targeted, however all American should assume that they are potentially at risk if traveling to China or Russia.
- Laptops, tablets, e-book readers, smart phones and even regular cell phones taken overseas may be successfully attacked and compromised via malware or automated attack tools. Commercially available security software, even when completely up to date, may not prevent such compromise.
- Electronic devices may also be at risk of physical tampering or theft, particularly if those devices are left unattended (including devices left locked in a hotel room or even left locked in a hotel safe while dining, shopping or touring). On the other hand, carrying one’s laptop or other electronic devices continually may increase their risk of being accidentally lost or forgotten, or stolen by a thief/pickpocket. On balance, however, we recommend you keep your devices with you at all times.
- Devices taken across international borders may be subject to involuntary official governmental review and even complete duplication (e.g., in some countries, Customs officers may temporarily seize your device, and potentially keep a copy of one’s entire system on entry or exit).
- Use of encryption may be forbidden in some countries. For example, while many US universities routinely require whole disk encryption to protect personally identifiable information (PII) on laptops, some countries (such as China and the Russian Federation) do not allow importation/ exportation of encrypted devices. While some whole disk encryption products, such as TrueCrypt, allow you to attempt to conceal encrypted disk partitions, attempts at hiding encrypted disk partitions may nonetheless be detected, and lying in response to border official questioning about the existence of encrypted disk partitions may be a potentially serious criminal offense.
- Access to some web sites, including access to some mainstream popular western social media web sites, may be technically blocked. Secure (“https”) web sites and use of institutional virtual private networks (“VPNs”) may also be blocked by some countries, because it is more difficult for national authorities to monitor that encrypted traffic. Attempts to circumvent national censorship (e.g., with Tor, Ultrasurf or similar products) may be blocked and/or punished if noticed.
- If you are absolutely unable to be offline for the duration of your travel, do not take your normal day-to-day devices with you. Use a new temporary or loaner device, such as an inexpensive new laptop or a throw-away prepaid cell phone purchased just for that trip, instead.
- Be sure that any such new system is fully patched, and has all institutionally recommended security software installed, but otherwise minimize what it contains, and while abroad, minimize your use of that system.
- Ensure it requires a long/complex password for access, and keep it completely off (not just sleeping or hibernating) when you’re not actively using it, and keep it in your physical possession at all times.
- Assume anything you do on that system, particularly over the Internet, will be intercepted (in some cases, encrypted network traffic may be decrypted).
- Upon return to the U.S., immediately discontinue all use of that temporary system, and have it reviewed for indications that it may have been compromised abroad. The system should then be re-imaged or sanitized and in the case of a prepaid phone, disposed of.
- Change any/all passwords you may have used abroad.
- Option 1: Create a Yahoo email account, several days before you travel, and forward gmail to that account (Yahoo, so far, is not blocked). Be sure to test before your travel. Any problems, contact your local IT support.
- Can also sync your Google iCal to the calendar.yahoo.com (contact your local IT support for help prior to your travel)
- Option 2: Initialize remote desktop back to your campus computer (contact your local IT support for help prior to your travel)
- Option 3 (for calendar): paper printouts of calendar
Students, faculty and staff who travel to China have several choices for cell phones.
There are three major carriers: China Telecom, China Mobile, and China Unicom. All three carriers have stores where you can purchase a cellular phone. If you already have an unlocked phone that supports global use (typically through a wide range of UMTS/HSDPA/GSM bands), you can purchase a SIM card and service there for your existing phone.
Mobile Phone Options
Faculty, staff and students traveling to China for the first time will find that there are several cellular service options, some of which work differently than in the United States.
Some travelers wish to bring their US phone to be reachable at their usual American numbers, although US plans’ voice and data costs are relatively expensive even with a global plan activated. Others choose to get Chinese cell phone service to access low in-country rates and more easily reach colleagues and businesses in China; data service is much cheaper than with US global or domestic plans, but U.S./international numbers can often not be reached (although Skype can be used over cellular or Wi-Fi for cheap calls back to the US.)
The three most common options for travelers are:
Tips and Advice
Use a NCSU- or personally-paid phone with your US carrier service
Use your existing phone with Chinese service
Buy a phone just for use in China
- Things to Consider if Traveling to China
- An NCSU page with info on travel and export restrictions mentioned above: http://research.ncsu.edu/sparcs/compliance/export-controls/
- Tips from the National Counterintelligence Executive: Traveling Overseas with Mobile Phones, Laptops, PDAs, and other Electronic Devices: https://www.ncsc.gov/industry/travel/index.html
- “75 percent of technology products used by Chinese institutions must be classified as “secure and controllable” by 2019”: http://www.nytimes.com/2015/01/29/technology/in-china-new-cybersecurity-rules-perturb-western-tech-companies.html?_r=0
- Don’t leave your laptop alone: http://www.infoworld.com/article/2615610/data-security/when-in-china--don-t-leave-your-laptop-alone.html
- University of Michigan advice for traveling to a “high-risk” locations: http://safecomputing.umich.edu/protect-personal/high-risk-travel.php
- Entrepreneur Magazine - 5 Steps for keeping data safe when travelling: http://www.entrepreneur.com/article/223433
- From U.S. Department of State International Travel Information: China:
- “Surveillance and Monitoring: Security personnel carefully watch foreign visitors and may place you under surveillance. Hotel rooms (including meeting rooms), offices, cars, taxis, telephones, Internet usage, and fax machines may be monitored onsite or remotely, and personal possessions in hotel rooms, including computers, may be searched without your consent or knowledge. Security personnel have been known to detain and deport U.S. citizens sending private electronic messages critical of the Chinese government.“
- VPN Information and Workarounds: http://www.greycoder.com/best-vpn-china/
- Protocol information http://www.vpnc.org/vpn-standards.html
updated by dmluken 10/18/16