Technology Security as a Global Effort

When visiting NYU's locations abroad, it is important to be aware of the various laws and regulations governing technology that you must follow. A number of countries have restrictions on what items you can export or take with you when departing that country, including electronic equipment not declared on arrival. In addition to local laws at NYU’s locations, and countries where NYU conducts research and other programs, awareness of, and compliance with NYU's policies, guidelines, and regulations are critical wherever an NYU community member uses, stores, and/or transports data or hardware. To do this you are advised to become familiar with these policies in particular:

Best Practices for Traveling Abroad

  • Restrictions: When traveling abroad, you’ll need to determine whether export/import controls apply to your trip. For more information, including what items, equipment, or software may be restricted, read the Office of Compliance and Risk Management’s page International Travel: Export & Import Controls.   
  • Personal Info: Be aware of Global Regulatory Issues when handling Personally Identifiable Information (PII) in other countries.
  • Encryption: Most mass market devices (e.g. Apple & Android) do not require an export license. Contact the OCRM before traveling internationally with other encryption software and encrypted data.
  • VPN: Using a Virtual Private Network (VPN) is recommended whenever you connect to the internet, but you will want to confirm that the location you’re traveling to allows use of encryption software. See the list of countries that support the personal use exemption for encryption software.
  • Device Security: If a device is taken away from you in another country and given back, such as in customs, it very well may have been compromised. In this case, it is probably best to refrain from using the device. Email to notify them of the issue. You may need to reset or wipe your device.

Before You Leave

  • Create strong, unique passwords or passphrases for each device that consist of at least 12 characters. Do not reuse passwords. Avoid passwords that are easy to guess or directly related to information in your social media accounts or other public-facing web pages.
  • Identify the risk classification level of NYU data you will access, and ensure that your needed work files can be accessed using one of NYU’s file storage systems consistent with the files' data/risk classification level. If a file has a mix of data types, classify it using the highest level of classification applicable.
  • Make sure that your mobile phone has a device finder/manager, remote wipe capabilities, and that you know how to perform a remote wipe. See instructions for Apple, Android, and Windows.
  • Make sure Endpoint Security software is installed on the laptop and devices you will take when you travel. This software can help to protect you from malware and spyware. Read Secure Your Computer.
  • Make copies of travel documents and credit cards you plan to use. Leave copies with a family member or friend at home in case the items are lost or stolen.
  • Wait until you’re home to post details about your trip on social media. Announcements made beforehand or while traveling can make you a target for cybercrime.
  • Email GOIS at if you have pre-travel questions relating to the security of your electronic devices. You can consult with the Office of Compliance and Risk Management (OCRM) if you need further guidance, email

While You Are Traveling

  • Remain vigilant about the physical security of your devices as you travel, including at your hotel. Devices may be at risk of physical tampering or theft, particularly if they are left unattended (including devices left locked in a hotel room or even left locked in a hotel safe while dining, shopping, or touring). Be aware and immediately report signs of device tampering to GOIS at
  • Securely access the internet and your files by using a Virtual Private Network (VPN) while traveling. VPN protects both your security and privacy by encrypting sensitive information and masking your IP address, search history, and location. NYU VPN provides secure access to NYU’s network.
  • Avoid using public computers and public charging stations as both may come with malware, such as spyware.
  • Disable Wi-Fi and Bluetooth when not in use. This will prevent auto-connection to open networks or other devices.
  • Wait until you’re home to post details about your trip on social media. Announcements made beforehand or while traveling can make you a target of cybercriminals.
  • If any of your MFA-registered devices are lost or stolen, contact the NYU IT Service Desk for 24x7 assistance with deactivating lost or stolen devices from MFA, and for accessing NYU-NET on an alternate device via an MFA pass code.
  • All lost NYU-owned devices must be reported to the NYU IT Service Desk as soon as possible. Also inform your local IT Support team.

When You Return

  • If a device was taken away from you in another country and given back, it very well may have been compromised. You may need to reset or wipe your device. In this case, it is probably best to refrain from using the device. Email to notify them of the issue.
  • If you notice any unusual activity with your accounts when you return, use a trusted computer to change any passwords you used while traveling and report the activity to GOIS at

Staff Traveling Abroad

Before You Leave
  • A loaner laptop may be available from your school or department, or from Desktop Support (for enrolled departments). Check with your school or department for availability. Equipment loans are usually for a short term depending on what equipment is currently available. A loaner laptop should only have essential applications, including malware protection software.
    • If an NYU loaner laptop or mobile device is not available, remove any low or moderate risk data that you might have stored on your laptop. Remember, high risk data should never be stored on mobile devices.
  • Updates and software installations should be completed on a trusted network prior to your departure. Installing software or performing updates on untrusted networks is risky because they may be delivered with malware.
  • Traveling with “clean” devices on which there is no personal or work-related data stored is ideal because locally-stored data is vulnerable to theft, exposure, or corruption in the event that your device is lost, stolen, or confiscated.
When You Return
  • Return any loaner devices for secure wiping and re-deployment.
  • If there has been suspicious activity on any of the devices you have used, please report this information by sending a detailed email to before you return the devices.
Traveling abroad requires particular attention to safety and security considerations for your computer and other electronic devices, as well as for the data on those devices. Countries to or through which you travel may have different laws and regulations regarding data privacy. These laws and regulations may endanger the security and privacy of NYU's high risk data or other sensitive information. This means that the electronic devices that you bring for work may be subject to search and seizure, even at the US border.

In addition, electronic devices are subject to attack and compromise in a number of ways. Some are subtle, such as malicious mobile software updates, and some are obvious, such as theft or physical tampering. Your internet usage may be monitored as well. Remember to travel smart and understand that you may have someone looking over your digital shoulder. If you are looking at something, it’s very possible someone else is looking as well.
Follow these tips to protect NYU's data, computers, and network and to respect local privacy laws and cultural norms while traveling internationally.