Add a Secondary Device in DUO

Whether you use a smartphone, tablet, hard token, or YubiKey for two-factor authentication (2fa) with DUO, consider registering a secondary authentication device. Otherwise, you’ll be locked out of your CMU accounts if you lose your primary device.

Pro Tip: iOS users, enable iCloud Keychain before you leave to take advantage of DUO Instant Restore if you lose or replace your iOS device during travel.

Pack an Alternative Device

The safest device is the one you leave at home. Instead of packing your primary, top-of-the-line laptop, consider taking an alternative. Dust off an older device or see if your department loans devices for travel.

Secure Your Devices

Review our recommendations for Secure Computing to ensure you’re taking advantage of the latest antivirus software and personal security preferences available to you.

Back Up Files to Cloud Storage

Store files in a CMU-supported cloud storage solution, like Google Drive or Box, and remove them from your local hard drive. If you need to store files locally, consider enabling full disk encryption. That way, even if someone steals your device, they can’t access your files.

Use Virtual Private Network (VPN) Protection

Connecting to public Wi-Fi in hotels, airports, etc.is always risky, but when outside the country, it is even more important to be proactive in securing your network connection. VPN protection encrypts your connection and secures it from hackers. Visit Using a Virtual Private Network at CMU for additional information.

Access Applications with a Web Browser

Access your application via a web browser instead of desktop or mobile applications. When using the browser version of an application, all of the data is stored on secure web servers. Desktop or mobile versions of apps store data locally on your device, which makes your data more susceptible to theft.  

Generate a Passcode to Authenticate with DUO

Sometimes you may lose cellular network access, which may prevent you from sending a DUO push to your device. Remember you can generate a passcode to authenticate, which doesn’t require a network connection.

Download Citrix Workspace (My Apps)

If staff/faculty need to access university information, we strongly recommend using Citrix Workspace to access your desktop. It provides a secure connection to your university applications on a personal device. Check out the Citrix Workspace homepage for additional information about the software.

Avoid public USB Ports

The FBI recently began recommending that travelers in airports and other public places avoid using USB charging stations because hackers have found a way to use these ports to infect devices with Malware and other malicious software.  It is recommended that you use your own charging cords and power bases that you then plug into an electrical outlet.

Additional Tips

The National Counterintelligence and Security Center also recommends:

• Avoid placing devices in checked bags whenever possible.
• Shield your passwords from view, and turn off “remember me” options.
• Terminate Wi-Fi or Bluetooth connections when not actively in use.
• Clear your browser after every use.
• If your device is stolen, report it to the local US embassy.

Change passwords

Upon returning from traveling, be sure to change all of your passwords of any applications used during your trip. If any of your applications or accounts have been hacked, changing the password will help lock out intruders. 

Stay alert!

Lastly, monitor your devices for any unwanted or strange behavior. If you notice unwanted or strange behavior on your devices,  report any concerns to the Information Security Office at iso-ir@andrew.cmu.edu. The National Counterintelligence and Security Center recommends examining your devices upon returning to be sure there is no malicious software on your devices. Regardless, it is essential to be cautious and alert upon returning.