Staying connected has never been easier. Even when you travel, you can still access your data. This includes Yale data while traveling for academia or business, or personal data, such as checking your bank account. When you travel, it's important to be aware of how we connect to our data. Read on to learn about best practices for secure travel.
Ten tips for secure travel
1. Travel with the least amount of devices and data possible
If you can leave a computing device at home, do so. This will limit the ways a bad actor can steal or access your data and devices. Do you need to bring your smartphone, tablet, and laptop? Could you leave one or two behind?
If you don't need the data during your trip, delete it on each device you bring with you.
2. Use a loaner device
The loaner device will meet the Minimum Security Standards for the data you are taking. Loaner devices need a new, hardened, and minimal installation of software—this makes it challenging for bad actors to compromise your data or access your device. Talk to your department and/or local IT support about how to get a loaner device.
If you can't use a loaner, take extra security steps for your device
- Ensure your device meets the Minimum Security Standards for the data you take.
- Delete all data and applications you won't need while traveling.
- Store data you do need within secure applications. Refrain from storing any data on a hard drive (e.g. in your Documents folder or on your Desktop).
3. Bring your own charger
Some chargers can be altered to infect a device or take data, including chargers for smartphones or tablets. Some chargers, such as laptops, are a power source and do not pose this threat. For added safety, bring your own chargers for all devices.
4. Keep devices and chargers with you at all times
The loss of physical proximity to your device increases the odds a bad actor can gain access to data, device credentials, or steal your device. Do your best not to leave devices unoccupied at a hotel, and bring devices with you in your carry-on baggage.
If you were unable to keep the devices with you the whole time, have your IT Support Provider check them when you return.
5. Turn off WiFi and Bluetooth
Keeping your Wifi and Bluetooth on while you travel increases your risk, as is is easier for your device to be compromised. See below for how to secure public WiFi when you need it.
6. Use Yale's VPN when connecting to public WiFi
Yale's Virtual Private Network (VPN) secures your Internet connection. Use Yale's VPN when you work from an unsecure internet connection, such as public WiFi. Common places you find public WiFi when traveling include your hotel or a coffee shop. Be sure to use VPN for each device you use.
7. Take extra precaution with your passwords
It's important to use unique, secure passwords for each user account. When traveling, taking extra precautions is key. First, remove any saved passwords from your device. For example, if you save ("cache") your password in your browser, or use Apple Keychain. Second, do not enter usernames and passwords on a device that is not your own. These extra precautions will help prevent bad actors from stealing your credentials.
8. Enable Multi-factor Authentication (MFA)
Yale has MFA set up whenever you are working off-campus. Consider enrolling in DUO Everywhere to reduce the number of times you need to use DUO. Also, consider if you will need access to sensitive, personal information, such as your bank account. If yes, you may also want to set up MFA with those accounts. MFA does require some prep work prior to any travels. Your IT Support Provider can help set up the correct MFA method based on your travel plans.
9. Be aware of security restrictions in some countries
This includes restrictions on:
- Export Controlled Data
10. Be aware of your surroundings
Cameras and people can steal information or passwords. To ensure this doesn't happen to you, consider the following:
- Be aware of who and what's around you when working with sensitive information.
- Do not accept or use portable media given to you.
- Cover cameras and muffle mics during confidential meetings.
- If you travel to a confidential area, remove the battery of your cell phone, as cell phones can provide location information, even when powered off.