Technology is an essential component of work and that is no less true for work abroad. By technology we refer to both equipment that is used as part of research projects and devices that help University personnel stay connected and productive while away from the office. This page provides a number of important technology guidelines and tips for international travel. These guidelines are designed to help you more easily adapt to international travel and protect your devices and data while traveling, and they will also help to protect University of Pittsburgh systems and data.
Modern travel for work routinely incorporates devices such as mobile phones, tablets, and laptops that are technology-rich and easy to transport. However, international travel with these devices can involve compatibility issues and security risks different than for domestic use of such devices.
Charging your Device
The US operates on 110 volts/60 cycle current. Most of the rest of the world operates on 220 volts/50 cycles. Most electronic devices today operate at low voltage and have a power converter as part of the charger that converts the house current to that low voltage. If you look at the converter you are likely to see that it works for 110-220 volts and 50-60 cycles. Thus, it doesn’t matter where you are in the world when you plug it in (but do check before you plug it in!). But, there are a variety of plug and outlet shapes around the world. You will need an adapter that allows you to use a US plug in a non-US outlet. These are available online and in travel-focused stores; you will need to identify to which country you are traveling.
Mobile Phone Hardware & Networks
The US uses two incompatible voice technologies for mobile phones, CDMA (Verizon, Sprint) and GSM (AT&T, T Mobile). Most of the world uses GSM. If you have a fairly new phone with AT&T or T Mobile, it is likely to work abroad even if not labeled as a ‘world phone’, that is less likely to be true for such devices from Verizon or Sprint. Many modern smartphones (e.g., the newest iPhones and Samsung Galaxy phones), even those from Verizon and Sprint, will be labeled as world phones and if so will include the hardware to work on a GSM network abroad.
Mobile Phone Plans
If your phone works abroad, great, but if you use it for voice, text, or data, it is liable to be extremely expensive unless you invoke an international plan. All four major carriers have international plans with details and costs that vary by carrier. These plans make it much more reasonable to stay connected.
VOIP (Voice Over Internet Protocol) alternatives exist for personal use. Skype (a Microsoft product) and FaceTime (an Apple product) both allow voice or video calls through computers or mobile devices and are free or inexpensive if you have access to an internet connection. Pitt supplies Skype for Business (formerly Lync), which provides connectivity solutions free to Pitt faculty, staff, and students.
Pitt participates in eduroam, an international education network that provides secure Wi-Fi connectivity using your Pitt credentials. Depending on availability at your destination, it may prove the best connectivity option, as opposed to free, public networks.
Travel anywhere with mobile devices involves risks, including the loss of the device or malicious hacking of the device. Loss of the device can mean the loss of data and can afford unauthorized individuals the opportunity to use the device to get access to your personal or professional accounts and information. In addition, a lost device that falls into the wrong hands can provide individuals a path into University systems. Hacking is a possibility in any location including home or the office, but is especially likely in places like airports and hotels when accessing unsecured networks.
The risk of having a device compromised by hacking exists anywhere in the world, including the US. However, some destinations pose more risk than others. A number of recent articles describe locations of the origins of cyber attacks, including the article, Cyberwar Ignites a New Arms Race. Such articles can be helpful in assessing whether your travel destination makes you particularly vulnerable to such attacks, but it is useful to remember that the source of cyber attacks changes over time.
The best practice for managing risks for these devices is to not take your own device with you and instead use a device from the Technology Loaner Program that has been prepared for your travel. We describe the Technology Loaner Program in detail below. If you do take your own device, you should follow a security protocol to reduce the risks in using your own device. We describe these steps immediately below the Technology Loaner Program.
The U.S. Export Controls laws and regulations exist to protect the national security, economic interests and foreign policies of the United States. The Office of Export Controls Services (OEC) at the University of Pittsburgh was created to provide best practices advice and hands-on assistance to the University community for compliance with these laws and regulations. The rules can apply to research equipment, mobile technology, software, data, etc. The rules are complicated but a very clear exposition is on the OEC website.
For individuals traveling internationally, two major issues will drive the applicability of export restrictions: type of technology and travel destination. The OEC website covers the former under classification for export and the latter under embargoed and sanctioned countries. Generally speaking, consult the Office of Export Controls Services website and/or call their office well in advance to determine if an export authorization will be required (obtaining a license, if required, can take up to several weeks). They will also be able to help determine the need to remove any export-controlled information, technical data, and software from your devices prior to leaving the U.S.
International travel poses security risks to data stored on computers and mobile devices. Taking your laptop or mobile device when you travel significantly increases the possibility of data and identity theft. The Technology Loaner Program for International Travel offers loaner laptops, iPads, and smartphones to individuals traveling abroad to lessen the associated security risks while allowing full use of required software applications.
Devices are available to faculty and staff for the purpose of conducting University business and program activities during international travel. Devices and a limited data plan are provided at no charge. Other costs such as data overage charges; international voice; text messaging; and lost, stolen or damaged equipment are the responsibility of the borrower and his or her department.
- Register your trip through the International SOS MyTrips portal.
- Complete the Technology Loaner Program Device Request form.
Note: While the service is free, you will need to provide a departmental account number to cover telephone overages or to replace damaged or lost hardware. It’s best to have the department account number on hand before you begin filling out the form.
- CSSD will contact you to let you know where and when you can pick up the device(s).
- Loan requests must be submitted at least ten working days prior to departure. Devices are loaned on a first-come, first-served basis. Submission of a request does not guarantee availability. The maximum loan period is 90 days.
- Loaned devices are property of the University of Pittsburgh. Devices and a limited data plan are provided at no charge. Other costs such as data overage charges, international voice; text messaging, and lost, stolen or damaged equipment are the responsibility of the borrower and his or her department. If a loaned item is damaged, contact the Technology Help Desk at 412 624-HELP .
- Computing Services and Systems Development (CSSD) will only install software or app titles on a device if the licensing agreement includes international use rights. Do not install any software on loaned devices that is not needed to conduct University business. CSSD will try to honor requests to install specific software and app titles that are available through Software Distribution Services, the Software Download service, and the Pitt App Store.
- Do not store sensitive information on any loaned devices. Examples of sensitive information include Social Security Numbers, patient health information, and credit card information.
- Borrowers should keep the device(s) in their possession at all times. If a loaned device is lost or stolen, report it to the campus police at 412-624-4040 and then contact the Technology Help Desk at 412-624-HELP .
- Loan requests cannot be approved if the international travel itinerary includes a destination that is identified as a state sponsor of terrorism or is listed as an embargoed actor by the U.S. Department of State. These countries include: Cuba, Iran, North Korea, Syria, and Sudan.
- Trade restrictions have been placed on some countries, for example Myanmar (Burma), China, Israel, Kazakhstan, Russia, Saudi Arabia and Ukraine. Devices that are loaned for international travel to such countries must be accompanied by documentation that indicates compliance with trade restrictions. Further information about restricted countries is available by contacting the Export Controls Office at EChelp@pitt.edu. Additional time will be required to process these loan device requests and issue authorization documentation. Each request is handled on an individual, case-by-case basis and there is no guarantee it will be approved.
- Laptops provided through this program have ComputracePlus installed. Because ComputracePlus is considered a high-grade encryption product, some countries expressly prohibit its importation and/or use. As a result, all requests for laptop loans for international travel need to be reviewed on a case-by-case basis to determine the legal status of ComputracePlus. If ComputracePlus is prohibited, a laptop for international travel may be issued without ComputracePlus installed.
- All loaned devices must be returned to CSSD within one week of returning to the United States.
- After you return from your trip, do not connect a loaned device to Wireless PittNet or to any wired network ports at the University. Borrowers are responsible for transferring or removing any data that they want to keep before returning a loaned device. CSSD can assist borrowers with the removal of any data stored on the device but cannot back up data. CSSD will erase the device when it is returned and is not responsible for any lost data. The borrower must change his or her University Computing Account password upon returning to the University.
- The same rules and guidelines that govern use of devices on PittNet apply to the use of devices loaned for international travel. See University Policy 10-02-05 Computer Access and Use for details.
- Violations of the terms outlined above will result in the appropriate disciplinary action, which may include loss of loan device privileges, computing privileges, suspension, termination, or expulsion from the University, and legal action.
- Violations of any international, federal, state, or local law concerning the unauthorized access or use of loaned University devices and computing services will result in the appropriate disciplinary action up to, and including termination from the University.
Devices are available on a first-come, first-served basis. Submitting a request does not guarantee that a device will be available.
- Microsoft Windows or Mac OS X
- Microsoft Office 2013 Professional Plus for Windows or Microsoft Office 2011 for Macintosh
- Symantec Endpoint Protection
- MalwareBytes Premium
- Identity Finder
- Symantec Whole Disk Encryption
- Junos Pulse
CSSD tries to honor requests to install specific software or app titles that are available through the University, including the Software Download Service, Software Distribution Services, and the Pitt App Store. Note that CSSD will only install software or app titles on a device if the licensing agreement includes international use rights.
During your international travel, you can connect your device securely to the University by accessing the Secure Remote Access Service through a Web browser or by using Juno Pulse, which is the default client installed on all loaned devices.
All borrowed devices must be returned within one week of your arrival in the United States. Perform the following to secure your data before returning your device.
- Do not connect a loaned device to Wireless PittNet or to any wired network ports at the University.
- Transfer any data that you want to keep from the device. CSSD will securely erase the device when you return it, so it is your responsibility to transfer any data that you want to retain.
- Change your University Computing Account password at My Pitt. Log in, click Manage My Account in the left-hand menu, click Password Change, and follow the instructions.
Laptops & Tablets
Verify Critical Software is Updated
- The laptop’s operating system, independent of your brand of computer and OS (whether it be Microsoft, Apple, Android, or Linux), should have all of the latest security patches applied to it.
- Software applications should be up to date with the latest security patches. This is especially important for those applications that interact with the web, including web browsers, Adobe Acrobat and Flash, Silverlight, and Java.
- Ensure the latest version of Symantec Endpoint Protection is installed on the laptop and use the LiveUpdate feature to confirm that your virus definitions are up to date.
Update Web Browsers Settings
Web browsers should be set to automatically clear your browsing history and cache after each session. Contact the Technology Help Desk for assistance in applying these settings to your preferred web browser.
Remove Sensitive or Confidential Data
Prior to your travels, remove any sensitive or confidential data from your laptop. This includes student information (grades, comments on student work, and any other information that is not available in a public directory), proprietary information (including unpublished research), University business or planning documents, personal information (including financial information), and any other materials that should not be made public. Review the Can I Take It? section and the Export Controls website to determine whether software and data can be taken out of the country, and remove programs and data that cannot. Materials related to the travel arrangements, presentations, supporting materials, educational information, and any public domain documents can reside on the laptop.
Install Protection Software on Laptops
Prior to travel, have your unit’s technology office or CSSD install a group of security programs on your laptop computer. These will provide the best protection against cyberattacks, allow you to connect with Pitt securely, and disable the computer if it is lost or stolen. These programs are:
- Symantec Endpoint Protection
- MalwareBytes Premium
- Identity Finder
- Symantec Whole Disk Encryption
- Junos Pulse
Review the Office of Export Controls Guidelines and Tips
See also the Can I Take It? section. University of Pittsburgh faculty, staff, and students are required to comply with the United States export regulations when traveling abroad. US Customs officials may request documentation certifying that you were permitted to take technology out of the country. Contact the Office of Export Controls Services (OEC) to obtain any of the required authorizations and documentation prior to your trip. Read the Travel Procedures to determine which forms you will need to fill out. You should take copies of that documentation with you when you travel, in case U.S. Customs officials request it. The Federal regulations require that you keep records of your export documentation for five years after the license is expired or, in the case of a license exemption, for five years after the travel is completed.
Our phones have become mini-computers and generally contain all of our email, private communications, and contact lists. These are high-value targets for criminals. The safest course of action when traveling abroad is to use a phone from the Technology Loaner Program described above or to buy an inexpensive non-smartphone that will be used only for making calls.
Back Up your Device
If you will be traveling with a smartphone or mobile device, you should back up the device on your computer here at home. Best practice would be to reset it to its factory default setting clearing all personal information from the device. You would then selectively copy certain information back on to the device that you need for travel. Upon return, your device can then be restored to its previous state.
Use Strong Passwords
Use a strong passcode to protect cell phones and mobile devices. This will prevent others from picking up your device and gaining access to it.
Turn Off Bluetooth & Wi-Fi
Unless you are actively using these features, you should keep these turned off or disable them on your phone. Allowing these services to run provides potential attackers with a method for gaining access to your device.
Be Aware of Your Surroundings
When entering your username and password into your devices, be aware of those around you. Someone may be closely watching your screen and keyboard in an attempt to steal your credentials.
Use Strong & Unique Passwords
Use separate screen lock pass codes for each of your devices. Don’t use your Pitt password on non-Pitt accounts; instead, use a separate strong password for each other account (banking, private email, online retailers, etc). If an account is compromised, separate strong passwords and device screen lock pass codes make it more difficult to use the compromised account or device as an entry point to your other accounts and devices.
Connecting to the Internet
Because of insecure connections, open Wi-Fi connections in hotel lobbies and rooms, airports, and similar public areas are especially vulnerable and should be avoided. Hotel business centers are no better: Forbes (July 16, 2014) reported that cybercriminals used key logging software in hotel business centers in the Dallas area to steal guest information. Wired corporate, government, and university connections are safer in many parts of the world, but in some parts of the world these too may be not secure. It’s prudent to assume that your connections are vulnerable and adjust the personal and professional business you conduct when abroad.
Keep Your Devices With You
When in transit keep your devices with you. Should customs or other airport officials take your devices out of your view, those devices should be considered compromised and should not be used. Even if you will not be using your device, it should not be left in a hotel room, conference center, or foreign office unattended.
Do Not Use Unknown Storage Devices
USB keys can be used to install malicious software on your devices and allow unauthorized individuals to compromise your data and accounts. Only plug items into your devices that you have brought with you. Public charging stations at airports or hotels should also be avoided, as they can transmit harmful software to your devices.
Change your password for all services that you have accessed while abroad — including your University Computing Account as well as any personal email, social, or financial sites that you accessed while traveling. By limiting the sites that you visit abroad, you reduce the number of passwords you need to change.
Because travel involves security risks, your devices could contain malicious software that you do not want to introduce to the University’s network or your home network. Risk is probabilistic: as described above, risk depends on what types of connections you’ve used and where you have been. But the risk is real, even with domestic travel. If you have been using your own computer rather than a computer from the loaner program, the safest course of action is to have the device securely erased and rebuilt, either from an existing backup or through a new installation of the operating system.
Inventory Your Equipment
Computing Services and Systems Development can inventory your equipment prior to your travels. This will allow the University to assist you in reporting lost or stolen devices, should you need to do so while traveling. CSSD can then also verify the state of your operating system and applications and can determine whether any sensitive data is present on the devices.
Monitor your accounts
When notified of your travel dates, Computing Services and Systems Development will monitor the logins from your University Computing Account to look for any anomalous behavior. If CSSD Security identifies any suspicious behavior associated with your account, they will contact you immediately to change your password.
Contact the Technology Help Desk at any time, before or during your travels, if you have questions about any of the topics covered in this document. Should you suspect your account has been compromised or University data has been breached, the Technology Help Desk can notify the CSSD security team 24 hours a day, seven days a week.
- CSSD Support
- Current Travel Warnings and Alerts
- Traveling Overseas with Mobile Phones, Laptops, PDAs and Other Electronic Devices
- Best Practices for Academics Traveling Overseas
- Advice for U.S. College Students Abroad
- Safety and Security for U.S. Students Traveling Abroad
- Study Abroad Office
- Study Abroad Travel Warning Policy
For more information on technology or to answer any questions, please contact the following: