Working while you're travelling

Protecting information during travel. Don't let your device be stolen, or infiltrated. Limit your use of WiFi networks.

If you are working in a public area then you need to take into account that people around you may take interest in what you are doing. Whilst it is tempting to assume that even if they can see or hear something it will not be of interest to them this may not necessarily be the case.

  • Be aware of people around you and what they may be able to see or hear.
  • Consider using a more private area for your work or meetings.
  • Consider a privacy filter on your laptop screen which can make it more difficult for someone beside you to see your screen. These can be ordered from the University's suppliers for office supplies.
  • Remember that your keyboard is also visible - be careful when entering passwords.

Image
Protect Against Loss

Don't forget that Information Security can rely on physical security: don't let your devices get lost or stolen

  • Keep your devices with you at all times
  • Don’t leave your devices unattended
  • Carry your laptop and devices as hand luggage 
    • It helps if your devices are light, and easy to carry
  • If your device is taken from you, even for a short time, note the circumstances and report back to the University as soon as you are able
  • If your device is stolen report to local law enforcement and report back to the University as soon as you are able

Image
Malicious Wifi

Take care which WiFi networks you use. Use as few of these as you can. Before using any WiFi network, look for independent affirmation that the service you are connecting to is the official service of the location you are at.

Check at the reception desk of your hotel, conference centre, or host organisation for the official wireless service to use.

  • Only use the official WiFi services in your hotel, conference centre, airports, etc
  • Look for additional published information about the wireless network in your locality, or ask at reception
  • It is easy for third parties with malicious intent to establish similar sounding WiFi networks to capture your passwords, or other sensitive information from you - be wary
  • Regardless of whether it’s the official network or not, you should ideally use only encrypted WiFi Services if you can, and use the VPN to enhance that security
  • Do not use any unencrypted WiFi service without using the University VPN.

Image
Use University VPN

It's important to use University VPN if you are dealing with University or personal data. It helps not only hide passwords from an eavesdropper, but also provides a degree of privacy since it hides the content of your data.

The link below instructs you how to use the VPN service.

VPN (Virtual Private Network)

Image
Understand customs requirements

Do what customs officials tell you to. If they require that you decrypt  or provide access to devices or information you are carrying, you should do that for them. Re-encrypt when they have finished. Do not tell them your encryption password unless they demand that from you directly. Explain that it is University policy never to reveal a password, but type it for them (concealing your keystrokes) if they insist.

Note: it is possible that they may have recorded your password even if you attempted to conceal it.

If customs do request decryption or access, make a note of the circumstances, the date and time, and if possible, the identities of the customs officers (their number) concerned. Send a summary of what happened, and where you were (without including any sensitive information) to the University IS helpline as soon as you are able.

The University recognises the high stress that you may experience if you are ordered to do things at customs control and understands that you may not be able to record or recall the circumstances. Cope as well as you can, and report back what you are able to, and when you are able.

Image
Only Access Information You Need

Whenever you access a service or data, there is a risk that it may be intercepted. When data is downloaded to your computer there is a risk that it will be exposed by:

  • interception on the network
  • an unencrypted copy remaining on the device you are using, which then may be lost, stolen, or compromised in some other way
  • an encrypted copy remaining on the device you are using, but which may be decrypted by customs, or border controls when you leave

You need to take special care in countries that do not permit your use of encryption, or if you are using a computer or device that has not been encrypted.

You should avoid downloading any data that you do not need to have access to locally - use our online services where possible. Any data that is accidentally downloaded should be deleted if possible. 

Remain vigilant about the sensitivity of any information accessed on your computer.

Do not take University or personal data with you unless it is absolutely necessary.