Aeroplane
Working securely - extra guidance

Advice for keeping your data secure when travelling abroad

If you are planning on travelling abroad, please check the guidance on the following websites: 

  • Cyber travel risks are detailed on Imperial's Travel Assist portal – instructions on how to register are available here
  • Foreign Commonwealth Development Office (FCDO) guidance  
  • UK Government website for advice on travelling to specific countries.

Think minimal

A malicious third party, criminal or hacker cannot steal what you don’t have. Plan ahead and take the absolute minimum in terms of devices and data.

Before you travel

  • If you don’t need it, don’t take it. Only take files, devices and media that are necessary for your trip. 
  • Ensure your devices are encrypted and protected with passwords/biometrics (face unlock, fingerprints etc.). You may be asked to unencrypt devices by border guards.
  • Remove all unnecessary data from your devices OR ask ICT/your department for a loan travel device.
  • Harden devices (install endpoint protection, configure a software firewall etc.).Devices managed by ICT are hardened by default. For more information please contact ICT.
  • Install security updates prior to travelling.
  • Where possible use secure remote access solutions recommended by ICT. Don’t take data you could leave on Imperial systems and access remotely – only access data/systems when essential.
  • Use a charging only cable. It is safer to avoid using file-sharing or USB transfer cables because they can act as a direct, physical pathway for malicious software (malware) to jump between devices, often bypassing traditional network security protections. These cables, which often include specialised software for connecting two computers, can pose a risk of data theft, malware injection, and unauthorised access to both machines.
  • Consider what apps you have on your devices and legality of their use in other countries. Some countries have banned all foreign apps. For example, Facebook is banned in several countries.
  • Review your Multi-Factor Authentication (MFA) settings
  • Review historic posts that you have made on public forums/social media.
  • Bookmark the Cybersecurity Red Button which details common cybersecurity incidents and how to respond.
  • Protect your cards/passport with a Radio Frequency Identification (RFID) protecting purse/wallet. A RFID protecting wallet/purse shields the chips in your bank cards and passport from being scanned. They are available online - search for 'RFID protection wallet'.

While travelling

  • Be wary of using public or shared devices (i.e. machines in business centres, internet kiosks etc).
  • Keep mobile devices and papers on your person when travelling.
    • Store mobile devices and papers out of sight when you’ve finished working, e.g. in a hotel safe if available.
    • Do not leave devices unattended in public places.
  • Do not use free public wireless networks, as they are often abused and use 4/5G where possible. Be wary if prompted to install applications to access wireless services.
  • Only access/visit encrypted websites (i.e. those that begin with https://).
  • Think about what you post on social media. You may be providing information that can make it easier for malicious third parties to steal your identity. Posting in real time lets everyone know exactly where you are. Consider posting about your trip once you’ve returned home.

If you are travelling to high-risk countries, anticipate:

  • Access to common popular services might be blocked e.g. social media, Wikipedia, Gmail etc.
  • Potential Government monitoring of communication services.
  • Remote access services might be blocked.
  • Internet services (e.g. wireless) could be untrustworthy and unreliable. 

More support

  1. Contact the ICT Service Desk
  2. Contact ICT Security for urgent cybersecurity incidents
  3. Visit the Travel assist portal 
  4. Read the International travel and conferences pages