Computing Guidelines for Traveling to High-Risk Locations
When traveling to a high-risk location, especially if you work with sensitive university data when traveling, follow the Mobile Computing Guidelines for Traveling or Conducting Field Research and take these additional precautions to get access to U-M computing services and to protect your device and university data.
Accessing Computing Resources
Some countries have laws and regulations that restrict Internet access. Always respect and adhere to the laws and regulations of countries you visit.
Prepare for Limited Access.
- You may not be able to access YouTube, Google, Facebook, Twitter, blogs, and other websites in some countries on a consistent or reliable basis. If you will need materials from the web for your work while traveling, consider downloading them to your computer or mobile device ahead of time.
- You may not be able to access some M+Google apps or features from some locations. Plan ahead for this and let people know that you may not be able to read and respond to email while traveling.
- You may find that you are better able to get to your email from your phone using a cellular network than from a computer connected to the Internet. Check with your phone carrier about international data plans before you travel. You might consider getting a local phone with a pre-paid card in the country you are visiting.
Use the VPN.
- The U-M Virtual Private Network (VPN) provides a secure computing experience when accessing a University of Michigan network from a remote location or when using a wireless connection. It can also help you bypass Chinese firewalls. Use it when you connect to the Internet from your smartphone, tablet, or laptop. Install the VPN client and/or U-M profile on your device before your trip. U-M Health System faculty and staff should install and use the UMHS VPN.
- You may find VPN access blocked from locations in China and elsewhere. Do not attempt to illegally bypass the blocks. Do not put yourself at risk of being accused of cyber espionage or other crimes.
Avoid Internet Cafes and Untrusted Networks. Do not use untrusted networks, such as those in Internet Cafes and hotels, to access the Internet. In general, cellular networks are more secure than such publically available networks. Turn on VPN for your device as soon as you connect to the Internet over a wireless connection or from any remote network.
Use Virtual Sites. With Virtual Sites, you can use the software on Campus Computing Sites Windows workstations remotely from any Mac or Windows computer with an Internet connection. Virtual Sites lets you use computers on the U-M campus remotely. Go through to Virtual Sites webpage to connect. You can then access your email and other U-M services from the Sites workstation.
Be Mindful that Your Colleagues May Have Limited Access. If you collaborate with colleagues in countries where censorship is pervasive or substantial, be mindful of the large number of websites that are inaccessible to them. Understand that they are subject to the laws and regulations of their land—as are you if you travel there.
Protecting Devices and Data
See our general recommendations for protecting your devices and data and consider these additional precautions:
Take a Loaner Device. If you can, take a device with just the files and applications you will need while traveling. Officials in some countries inspect electronic devices and may download material from them. Some countries have encryption import restrictions that prevent you from encrypting data on your device. Protect yourself—and the university—by not taking any sensitive or private information with you. Check with your departmental IT staff to see if loaner laptop computers and other mobile devices are available to you.
Keep Devices Close at Hand or Locked Up. Perhaps the biggest risk to data and devices while traveling is loss or theft. Keep electronic devices close at hand and in view when you travel. If your hotel room has a safe, use it.
Change Your Password. Change your UMICH password to one that will be used only during your trip. Change your password before you leave and again on your return. Also change any other passwords you expect to use while traveling.
Don't Accept Thumbdrives from Others. Do not accept thumbdrives or other such devices from colleagues or others. Such devices may expose your computer to malware.
Use Encryption. Apply full disk encryption. This will provide a substantial layer of protection should your laptop, smartphone, or other mobile device become lost or stolen. See Protect Your Data and your unit IT support for instructions on encrypting your PC or encrypting your Mac laptop.
Do Not Access Sensitive Data. When in a high risk location, do not use any system that accesses sensitive data, even when using the university VPN. For general information about storing and sharing sensitive university data, see the Sensitive Data Guide to IT Services.
Disable Bluetooth, Wi-Fi, and GPS when not in use to limit potential unauthorized access to your device or data.
Turn Devices Off When Not in Use. In general, turn your devices off when you are not using them. During meetings in a high-risk location, for example, power off devices and remove batteries to mitigate risk of the microphone being turned on remotely.
Wipe Your Device When You Return. To ensure no hidden spyware returns with you and infects the U-M computing environment, have your IT department completely wipe your device and install a new image. Taking a loaner device makes it easier to take this precaution without losing information you wish to keep.
- Leave your MToken at home if you will be traveling to an embargoed country as identified by the federal government. See Mobile Device Security When Traveling or Conducting Field Research for more.
These articles describe risks of computing from China and offer guidance:
Additional travel security information and tips:
Related Policies and Standards