Security Tips for Travel

We often take for granted what it means to travel with our devices and staying digitally connected often means connecting to public networks in hotels, airports, train stations, and conference halls, that employ minimal security measures. These public networks often harbor malware from cybercriminals looking to steal your data for identity fraud, as well as nation-state actors targeting academic and business travelers for intellectual property. In some cases, education networks are broadly targeted by government agencies for the benefit of data theft.

To protect your data and device, follow our security safeguards before, during and after your trip. 

If you have any questions about securing your data on your trip, please send an email to security@berkeley.edu.

Before You Leave

  1. Register your trip and sign up for travel alerts. Review this page at Risk Services for information on how to register your travel, get travel insurance, and sign up for alerts on political unrest, natural disasters, and other health warnings.
  2. Leave your data and/or device at home.  The best way to safeguard your data or device is to not bring them on the trip.  If you don’t need to access data stored on your computer, leave it in a secure location at home or bring a loaner instead. Consult your technical support staff to see if there’s an option to borrow a loaner computer for your trip. 
  3. Backup your data.  Regardless of travel, you should always backup your data that way you can be sure you have a copy from which you can recover your data.
  4. Install and configure encryption software.  In the unfortunate scenario where your device is lost or stolen, disk encryption software can help protect your data such that only you and people you authorized can decode and read the encrypted data.  Full disk encryption software, which is freely bundled with recent Microsoft Windows and Mac OS X operating systems, is easy to use and setup.  
  5. Install and configure campus VPN software.  To protect against eavesdroppers install and configure VPN software and utilize full tunneling, which will secure all internet traffic. 
  6. Configure device according to campus minimum security standard (MSSND).  The following requirements are especially critical for foreign travelers:
    • update your operating system and application software to the latest versions possible
    • install and update anti-malware software
    • choose strong passphrases
    • for laptops, setup and use a personal account that does not have superuser (root, administrator) privileges

On the Road

  1. Do NOT leave your device unattended. Always know where your device it. Do not leave it unattended, lend it to someone you just met or leave it in your checked bag on your flight.  If you ever leave your computer, make sure to turn it off instead of just hibernating it or putting it to sleep.
  2. Do NOT plug in untrusted accessories.  Untrusted accessories, those that came from questionable sources, can be infected with malware intended to steal your data.  Avoid plugging in any untrusted accessories (flash drive, charging cable, SD cards, etc.) to your device.  Try to plan and take all the necessary accessories with you, but if you must purchase an accessory abroad, make sure it is from a reputable source.
  3. Do NOT enter your credentials into public computers.  Public computers such as hotel business center workstations and internet cafe computers are often poorly managed and provide minimal security protection to users.  If the need to use public computers arises during your travel, avoid entering your credentials.
  4. Connect only to known WIFI networks. It’s tempting to stay in touch with friends and colleagues as you travel by connecting to wifi networks. However, anyone can create a network and give it a legitimate sounding name,  to lure unsuspecting travelers to give up personal information transmitted through the network. This is especially prevalent at public cafes, hotel lobbies, and airports.  
  5. Turn off your wifi when not in use. To help you avoid accidentally connecting your device to rogue wifi networks once you are finished using the network, turn off WIFI on your device.
  6. Use VPN Software to establish a secure network connection.  The Campus VPN creates a secure connection to UCB that will prevent network eavesdroppers from gleaning private information when you use the network on the road.  
  7. Use a non-privileged account.  Just as software installation requires elevated privileged accounts, malware often requires elevated privileges to infect your computer.  Use a non-privileged (examples are admin or root) account and only elevate privileges when necessary on your device. This will provide additional protection against malware infections. 
  8. Practice safe web browsing. The websites you visit online hold valuable data about you. They are also becoming gateways through which hackers can steal your data by infecting websites with malware.  
    1. Connect to HTTPS websites. Web pages you connect to using HTTP exchange information that is not encrypted. This could expose your information to attackers on the public networks used during travel.  Before sending or receiving any sensitive information, make sure the internet address (URL) in the web browser starts with HTTPS.
      1. If your browser displays an error about the digital certificate used to encrypt the data, i.e. that it cannot verify the identity of the HTTPS website, you should assume the site is fake, compromised or the web traffic is being intercepted. Stop connecting to the website and try it from another location.  Examples of such an attack targeting popular sites have been observed against academic institutions.
    2. Do not click on suspicious links or prompts. Malicious websites commonly craft attacks to exploit a user’s curiosity, impatience or to scare them with malware threats.  These malicious attacks might come in the form of links or pop-ups that present free offers too good to be true or imminent malware infection if you don’t install the product.  Think before you click a link or “Yes” to a prompt.
    3. Clear browsing session information when using devices that do not belong to you. Some web applications do not log you out entirely, even when clicking the logout button or closing the browser.  Such behavior allows the next person who uses the device to browse to the same page or click the back button to access your data as if you are still logged in. To prevent others from accessing your account and data, clear all the web browser session information.
  9. Take note of the credentials you are using during the trip. Regardless of whether you are using them on your device or public computer, they may be compromised.  To be safe, take note of the credentials you used so you can change them on a trusted and secure device once you return.

After Your Trip

  1. Reset credentials you used during the trip.  As noted above, consider credentials you used during the journey to be compromised.  Use a trusted computer, whether it’s your own or one provided by your IT support staff, to reset credentials that were used during the trip.  For example, if you use your Calnet credentials during the trip, go to CalNet management website to reset your CalNet passphrase.