Technology Security as a Global Responsibility

When traveling abroad for NYU business, instruction, or research, it is essential to be aware of the various laws and regulations governing technology that you must follow. A number of countries have restrictions on what items you can export or take with you when departing that country, including electronic equipment not declared on arrival. In addition to local laws at NYU’s locations and countries where NYU conducts research and other programs, awareness of and compliance with NYU's policies, guidelines, and regulations are critical wherever an NYU community member uses, stores, and/or transports data or hardware. To do so properly, you are advised to become familiar with these policies, in particular:

Best Practices for Traveling Abroad

Follow these tips to protect your and NYU's data, computers, and network while traveling:

  • Restrictions: When traveling abroad, you’ll need to determine whether export/import controls apply to your trip. For more information, including what items, equipment, or software may be restricted, read the Office of Compliance and Risk Management’s page International Travel: Export & Import Controls.
  • Personal Info: Be aware of Global Regulatory Issues when handling Personally Identifiable Information (PII) in other countries. 
  • VPN: Using a Virtual Private Network (VPN) is recommended whenever you connect to the internet away from NYU’s campus, but you will want to confirm that the location you’re traveling to allows the use of encryption software. Check this list of countries for local policies regarding personal use exemption for encryption software.
  • Device Security: If a device is taken away from you in another country and given back, such as in customs, it very well may have been compromised. In this case, it is probably best to refrain from using the device. You may need to reset or wipe your device. Report suspected or known cybersecurity incidents immediately by submitting the Cyber Incident Response form or emailing security@nyu.edu. Include a description, the time of the incident, and any other details you have. The longer an incident goes unreported the more damage it can cause.

Before You Leave

  • Review and follow the steps in these foundational and role-based Cybersecurity Checklist(s) for students, faculty, and staff:
    • Researchers and technologists: take particular care to review the legal and policy requirements in your role-based checklists and talk to your local IT staff and/or NYU IT support before you travel with technology.
  • Make sure you can access your NYU account by registering multiple NYU Multi-Factor Authentication (MFA/Duo) devices before you travel and making sure they are ones you can access while traveling.
  • Identify the risk classification level of NYU data you will access, and ensure that your needed work files can be accessed using one of NYU’s file storage systems consistent with the files' data/risk classification level. If a file has a mix of data types, classify it using the highest level of classification applicable.
  • Make sure that your mobile phone has a device finder/manager, remote wipe capabilities, and that you know how to perform a remote wipe. See instructions for Apple, Android, and Windows.
  • Make sure Endpoint Security software is installed on the laptop and devices you will take when you travel. This software can help to protect you from malware and spyware. Read Secure Your Computer.
  • Wait until you’re home to post details about your trip on social media. Announcements made beforehand or while traveling can make you a target for cybercrime.
  • Email GOIS at security@nyu.edu if you have pre-travel questions relating to the security of your electronic devices. You can consult with the Office of Ethics and Compliance if you need further guidance by contacting the Compliance and Risk Reporting Line.

While You Are Traveling

When You Return