Information Technology Security - Best Practices for International Travel and Information Technology

Security student-travel Faculty Travel Staff Foreign Export Controls

There are several federal laws regarding foreign travel and export controls, such as the U.S. Department of State Bureau of Consular Affairs, U.S. Department of State International Traffic in Arms Regulations (ITAR), U.S. Department of Commerce Export Administration Regulations (EAR), and the Department of Treasury Officer of Foreign Assets Control (OFAC). These are in addition to Texas A&M University System (TAMUS) Policy 15.02, Export Controls Program, Tarleton State University (Tarleton) Rule 15.02.99.T1, Export Controls Compliance, and the Tarleton Export Control Compliance Manual. In addition to all of these requirements and laws/regulations, there are several best practices when traveling internationally, especially as they relate to information technology. This knowledge base article provides some supplemental information and includes a summary of some best practices for consideration prior, during, and post foreign travel regarding information technology and devices (laptops, cell phones, tablets, smart watches, etc.).

Section 1 - What to Consider When Thinking About Foreign Travel

Ensure that you are aware of United States foreign travel and export control laws and requirements prior to your travel such as:

Also, ensure that you review any specific requirements or laws that are in place regarding foreign travel to their country, some of this information can be found on the U.S. Department of State Bureau of Consular Affairs website as a good starting place. U.S. Customs and Border Protection may search and copy the contents of travelers' laptops and expect travelers to divulge credentials and encryption keys as necessary. When traveling internationally, you can expect similar treatment when visiting other countries. Refusal to comply could result in seizure/confiscation of your devices or denial of entry into the host country. Once in the country, there are still risks to confidential, controlled, and sensitive data. Also, some countries legally prohibit encryption and others may view encryption suspiciously. Physical loss and digital espionage can also put confidential information (or tools to access it) on your devices at risk.

There should be no expectation of privacy during your international travel that is why it is crucial to understand United States foreign travel requirements as well as the host country's requirements before you leave. Always assume that eavesdropping is possible on any of your electronic devices while traveling outside of the United States.

Also, when conducting any Tarleton business or traveling on business associated with Tarleton, please continue to ensure compliance with Tarleton I.T. Standards for All Users and all other applicable Information Technology Standards (including the Tarleton Security Controls Catalog) shown on the Innovative Technology Solutions - Information Security webpage.

Section 2 - When Preparing for Foreign Travel

Ensure you contact the Tarleton University Compliance Department - Export Controls Office as they can provide further guidance on any required reviews and potential approvals needed prior to foreign travel - well in advance of your foreign travel departure is best. Also, the Tarleton Export Controls Office can provide further guidance on export control requirements to ensure that foreign travel and any information/data potentially traveling overseas is in accordance with federal laws, TAMUS policies, and Tarleton rules.

Also Tarleton's Risk Management & Safety Department, Human Resources Department (for employees traveling), and the Student Travel Office (for students traveling) may also have additional foreign travel information and requirements for assistance prior to foreign travel. Additional resources can be found on the following Tarleton webpages, including, but not limited to:

Request a Loaner Laptop from the Office of Innovative Technology Solutions (OITS) Service Desk:

This can be done online through the OITS Computer Service Desk ticket on the ITS website , or
This can be done in person at the OITS Service Desk located in Administration Annex II the ITS Building (this is Building No. 532 on the Tarleton Stephenville Campus Map) or at the Rickett Library for the Tarleton Fort Worth Campus.

For any other assistance, please reach out to the Tarleton OITS Security Team or the OITS Service Desk for additional information on requesting a loaner laptop.

Protect Your Devices and Data:

Use Strong Passwords & Multi-Factor Authentication (MFA): Ensure that all your devices, accounts, and apps are protected with strong, unique passwords. Enable MFA wherever possible for added security.
Encrypt Your Devices, when possible: Encrypt your laptop, smartphone, or tablet so that your data is protected in case your device is lost or stolen. Ensure that any encryption practices are followed for the host country also to avoid any issues during your travel.
Install Antivirus Software: Ensure that any personal devices have installed and up-to-date antivirus software to help protect your technology/data when traveling abroad.
Back-Up Your Data: Before leaving, back up important files, photos, and documents to a cloud service or external storage. This ensures you don’t lose anything in case of theft, loss, or device malfunction.
Update All Software: Make sure your devices are up-to-date on the latest operating systems, apps, and security patches before you travel to ensure smooth operation and protection from vulnerabilities.
Research Local Cybersecurity Laws: Different countries may have different rules regarding privacy and data protection. Make sure you are familiar with local regulations about digital behavior, online transactions, and sharing personal information. A good place to start is the U.S. Department of State Bureau of Consular Affairs website.
Notify Banks of Your Travel Plans: Before you leave, inform your bank of your international travel plans to avoid having your cards blocked due to suspicious activity. Also, carry a backup payment method in case one fails or use mobile payment solutions.
Enable “Find My Device” Features: Enable location-tracking features on your devices (like “Find My iPhone” or “Find My Device” on Android). This can help locate your phone or laptop if it goes missing.

Section 3 - While Traveling Overseas

Keep Devices with You: Do not leave any electronic devices (cell phones, laptops, tablets, etc.) unattended, even in your hotel room or safe. Do not pack electronic devices in your checked bags or ask someone to watch them for you.
Be Wary of Public Wi-Fi: Wi-Fi hotspots for public use are targets for information theft. While on public Wi-Fi, your device is vulnerable to data miners.
Connect to Tarleton Information Resources using Virtual Private Network (VPN): You should connect to a VPN whenever possible or avoid visiting websites that contain confidential information, such as banking websites, to keep your information secure.
Beware of Phishing and Scams: Be extra cautious when accessing emails or messages, especially from unknown sources. Scammers often target travelers with fake travel alerts or offers. Avoid clicking on suspicious links.
Disconnect When Possible: Turn off Bluetooth, cellular services and Wi-Fi any time you are not using them, when feasible.
Limit Access to Restricted Information: To prevent the interception of information without your knowledge, avoid accessing confidential, sensitive, proprietary, research or export-restricted information from your electronic device. If you must access these items for presentations or collaboration, use a secure VPN connection, unless encryption is prohibited in the host country. Additional information on email encryption can be found on the Innovative Technology Solutions - Faculty & Staff Email webpage and smart phone safety tips/encryption information can be found on the Innovative Technology Solutions - Smart Phone webpage.
Beware of Shoulder Surfing: Be mindful of your surroundings when accessing sensitive information, such as your bank account or personal details in public spaces. When possible, use privacy screens when on public transportation or in other public places, like cafes, as a privacy screen protector can help prevent others from seeing sensitive information on your device.
Loss or Theft: Immediately report loss or theft of electronic devices to the local authorities and either itsecurity@tarleton.edu or your departmental IT staff at helpdesk@tarleton.edu. Do not wait until your return to report loss or theft. Take the necessary contact information with you and store it separately from your electronic devices.

Section 4 - What to do When You Return from Foreign Travel

Return any loaner devices: Remove all data from your loaner devices and return them promptly to the OITS Service Desk at Admin Annex II in Stephenville or the Rickett Library in Fort Worth.
Change Your Passwords: Change your password on any service, device or application that you accessed while traveling or that shares a password that you used while traveling. This will help ensure that your accounts remain secure.
Sanitize Your Devices: When possible, reinstall the Operating System on any devices you carried on your trip. Otherwise, request that an IT person analyze your device for malware or unauthorized access. Please contact the OITS Service Desk or OITS Security Team for further assistance.

Section 5 - Resources

0 reviews

Print Article

Updating...