Wikier

Information security and travel

Detaljer Skriv ut

This page provides specific travel advice from the NTNU Digital Security Section. The advice includes an introduction to actions that should be considered or carried out ahead of and throughout any trip, but also travel advice for those travelling to countries Norwegian security authorities have flagged as high-risk countries.

Innholdsfortegnelse [-]

  1. Risk reduction while travelling
    1. Travel preparations
    2. When travelling
  2. High-risk countries
  3. Specific advice for travels to high-risk countries
  4. Reporting an incident or suspected incident
  5. Further information

Topic page about travel | Pages tagged with travel

Risk reduction while travelling

When travelling, attempts at information extraction should be anticipated. The Digital Security Section recommends that dedicated equipment be used when travelling to high-risk areas. This equipment should not be linked to the NTNU Windows domain (cfr Specific advice for travels to high-risk countries)

Travel preparations

  1. Evaluate the need to carry information outside Norway and minimize the amount. Local authorities may demand access to encrypted information.
  2. Install anti-virus and security software ahead of departure.

Anti-virus (Staff)   Anti-virus (Students)

  1. Make sure the firewall is activated.
  2. Update both your operating system and security software ahead of departure.
  3. Activate encryption on cellphone, iPad and laptop ahead of departure. This will prevent others from reading content on the units.

When travelling

  1. Deactivate WiFi and Bluetooth when not in use.
  2. If offered a USB storage device, e.g. a memory stick, say no. Also avoid lending others your own memory sticks or other USB storage devices. In general, one should be very careful with any unfamiliar USB device. This also applies to pointing devices and mouse units.
  3. When accessing the Internet, always make sure there is a padlock icon in the browser’s top left-hand corner before entering your user name and password, and look out for possible security alerts and error messages.
  4. If accessing the Internet, we recommend that you connect through NTNU’s VPN. This will prevent scanning of traffic. Keep in mind that several high-risk countries have powerful surveillance resources with regards to digital communications and will attempt to access your flow of data.
    Please note: Use of external VPN providers may be illegal, but so far there have been no cases of someone being confronted with accessing their own organisation through a VPN. 
  5. Make sure that remote wiping is activated on all units.
  6. Do not disclose your NTNU username and password.
  7. Use your own cellphone charger.

High-risk countries

Both the PST and the National Security Authority have issued warnings against intelligence activity from several high-risk countries targeting Norway. In particular, Russia, China and Iran are flagged as high-risk territories.

Based mainly on industrial espionage and technological motives, we know that these countries in particular have intentions of gathering information and compromising data systems to achieve economic and research goals. The high-risk countries have several military units working systematically in acquiring confidential and state-of-the-art technology through industrial espionage. These units are capable of quite sophisticated operations.

Because NTNU provides state-of-the-art research and technology within several of the high-risk countries’ fields of interest, we are an obvious target. We have already seen attempts to compromise NTNU personnel while travelling, so the risk is quite real.

Specific advice for travels to high-risk countries

In addition to the advice above, we recommend the following when travelling in high-risk countries:

  1. The Digital Security Section recommends that you bring a cellphone/tablet/laptop not ordinarily in use (iPhone and iPad are recommended, as these are especially hard to break into).
  2. Avoid installing updates while abroad.
  3. Avoid leaving information units (cellphone, tablet and laptop) where you cannot see them. This includes hotel rooms and hotel safes. If going on a trip, bring all your information units with you.
  4. Avoid bringing managed clients to high-risk countries (i.e. computers linked to the NTNU domain). Contact NTNU IT orakel@ntnu.no ahead of departure if it cannot be avoided.
  5. Use 6-digit PIN or password on cellphone and tablet. Deactivate fingerprint and facial recognition on your cellphone. These security mechanisms are considered too weak against a digital intruder.

Reporting an incident or suspected incident

If you suspect that information has been accessed, or any other digital security incident, contact soc@ntnu.no (+47 90 66 43 50) so that we can assist you in solving possible problems.

Further information

NTNU has a topic page about travel.

We recommend that you acquaint yourself with NTNU’s guidelines for storing files and documents (only in Norwegian).

Sikresiden.no provides various advice for travel preparations.

Travel advice from the PST (only in Norwegian).

Travel advice from the Ministry of Foreign Affairs.

2320 Visninger
Målgruppe: Medarbeidere Tema: Informasjonssikkerhet
Tagger
travel information safety information security