Cybersecurity is a complex arena, and it extends well beyond the research domain.  For purposes of research security, the following resources may be helpful starting points.

• Information Security and Policy Office (ISPO)
• Research and High Performance Computing (HPC)
• ITS Security and Safe Computing

When UI researchers are considering international travel for conferences or research collaborations, communication with our campus partners in Information Technology Services (ITS) is paramount, especially when traveling with UI equipment and UI-produced data.  ITS Security provides the following checklists for UI faculty, staff and students traveling internationally with University of Iowa software and hardware:

Software needs - Work with your local IT Support with university devices

1. Change your Hawk ID password ahead of time to avoid the inconvenience of an expired password.
2. Never write your passwords down and leave them with/on your computer or in the carrying case.
3. NEVER set device web browsers to remember login passwords. Always clear out the browser cache before you leave. (Check your Internet Options, and delete any saved files, pages, passwords, or the entire browser history.)
4. Update the device Operating System including application/ program updates.
5. Work with your local IT support and or Help Desk to set up DUO Two-step login ahead of domestic and international travel.
6. Do not travel with/ store sensitive personally identifiable information (PII), or restricted/ regulated data on any device.  Should the device fall into the wrong hands the sensitive data or software could become compromised/ lost.
7. If traveling with personal devices, consider utilizing some form of disk or folder encryption software to protect your personal files.
   **NOTE** Consult your local IT support staff before turning on encryption. If you activate/use encryption incorrectly, you could lose your data.  See the Traveling abroad section for additional information.
8. Unsecured wireless can easily be intercepted ("sniffed"), so consider only using secured wireless services (WPA2 with password, or similar) in combination with either the UI AnyConnect VPN or GlobalProtect VPN service to connect to university resources for more details see: https://its.uiowa.edu/vpn. N.B. GlobalProtect VPN is not intended for use outside the United States.
9. Configure the device's screen to automatically lock after a short period of inactivity, and require your password to resume (unlock) it. Never leave your computer turned on and logged in, even in your hotel room.
10. To help track/locate stolen or lost personal devices, consider activating location software included on your device, or purchasing and installing location hardware and software products.

11. Consider setting up your device(s) to allow you to remotely wipe the device in the event it is either lost or stolen. Work with your local IT support person to set this up correctly.

     

 Hardware Needs - Work with your local IT Support with university devices

Not as common anymore however, if you plan to print out documentation in the duration of your visit, copy it onto external media (e.g. USB flash drive). It is a much more convenient way to print documents in a business center (hotel/conference facility or similar) than connecting and configuring your devices to reach networked printers.

Invest in some form of physical locking device - a laptop security cable or similarly appropriate technology.

If you need to use your computer on one of the airlines, it may be a good idea to check ahead of time to see if the airline you are taking has the required power connections. (https://www.seatguru.com/ is one web site you can visit to get information.)

While traveling

If working with protected information in a public place i.e. at a conference, be aware of your physical location as shoulder surfers (persons observing what you type) are a risk.

Disable infrared and or Bluetooth ports and any other device communication features when they are not in use.

Do not leave your mobile device unattended in your hotel room, or at any time. If you are not using it, lock it away in an hotel safe, or if you do not have one, lock it away in your luggage. In some international destinations, laptops are a sign of wealth and could attract the attention of thieves. Limit the use of your device/s in public, where possible.

Before you return, be sure to transfer all data files that you handled while traveling back to your personal or departmental file storage location (H, S, R, or L drive), and then delete the files from your portable device. It may be a good idea to create a list of equipment before you leave and check it to make sure you're not leaving anything behind.

A lot of mobile devices come preinstalled/ packaged with all sorts of software or peripherals and on occasion you may not be entirely sure how they work. A good rule of thumb with anything of this nature, not just software, is if you are not going to use it, it does not need to be started, turned on, or plugged in.
 

Using public computers

NEVER access any sensitive personally identifiable information (PII), sensitive, regulated institutional data from public computers.

Remember to LOG out and exit out of all programs and applications before you leave the public computer.

Remove all external media inserted into the computer before leaving.

Upon return to the University of Iowa 

Check to ensure all removable media and documents you may have used on your trip are appropriately stored or destroyed.

It is a recommended best practice to change your Hawk ID password upon your arrival back to campus. This is just in case someone was able to sniff, observe, or otherwise obtain it while you were traveling.

If you traveled abroad, work with your local IT Support or Help Desk to reformat/reinstall portable devices that were used outside of the US before connecting to either your home or the campus network.  (For US travel,  also consider having your portable device reformatted/reinstalled if you suspect an issue.)  This is to ensure the device is free of malware (keystroke loggers etc.), or other problems potentially introduced over the course of travel.

Information Technology Services can also support UI faculty, staff and students who may decide that Encryption is an appropriate cybersecurity measure when traveling with research materials or for research collaborations and conferences.  Encryption is a method to protect digital information, by scrambling it as it travels across the Internet, or scrambling it when the information is “at rest” or stored on our computers.  This ensures that only authorized users can decrypt (un-scramble) the information and use it.  Encryption enhances the privacy and confidentiality, as well as the integrity and authenticity of our information.  It helps keep our information safe.