Purpose:
Faculty and staff members who are traveling to risky areas as defined in University’s Faculty and Staff International Travel Policy must follow ITS procedures to protect University data and devices.
Lisa's Note:
Until we have clarity around our procedures (see below), we may want to publish something like this:
Consistent with the University’s Faculty and Staff International Travel Policy, ITS works with those traveling to high-risk countries to help protect University data and devices during their visit.
If you plan to travel to a Level 3 or Level 4 country, contact the ITS Service Desk for an ITS security consultation and review at least 30 days before departure. ITS will provide you with information/guidance to safeguard University data and devices until all post-travel activities have been completed. In some cases, it may be necessary to [change your password? Re-image your computer? Anything else we might mention here?]
Procedure:
...
- Review traveler’s use of a University computer:
- Determination for loaner computer or re-imaging of existing computer (Is a loaner computer a realistic option?)
- Likely methods for internet connections. (Not sure what this means.)
- Other connections, such as Bluetooth and USB. (Not sure what this means.)
- Configuration of University's Global Protect VPN. (Not sure what this means, nor do I know who does the configuring.)
- Review traveler’s access to sensitive data/applications. (How does this happen and who does it?)
- Assess other potential cybersecurity risks associated with specific travel details. (How is this determined and who does it?)
- Use of personal devices to access University data. (Guessing this is strictly cautionary guidance?)
- Resetting user account password (Guessing this might be a requirement after travel is complete? If so, can we enforce it?)
...
Related information:
...