Cybersecurity is an expansive and complex area and its scope extends well beyond research. For purposes of research security, the following resources are helpful starting points.
Research taking place under government contracts may be subject to additional security controls. For assistance with this type of research, please email the Office of Sponsored Research.
Safeguarding your research and yourself while abroad
As a researcher, international travel can be essential for collaboration, conferences, and fieldwork. However, venturing abroad also presents unique cybersecurity and export control challenges. The information below equips you with the knowledge and resources to navigate these complexities and ensure a secure and compliant trip.
Before you travel
Assess Export Control risks:
- Consult UCSF Export Control to determine if your research, data, or planned activities involve export-controlled technologies or information. This includes:
- ITAR (International Traffic in Arms Regulations) for defense-related items.
- EAR (Export Administration Regulations) for dual-use items with civilian and military applications.
- If applicable, obtain the necessary export licenses or authorizations before departure.
Secure your devices:
- Minimize sensitive data: Remove any confidential research data, intellectual property, or restricted information from devices you bring.
- Update and encrypt: Ensure your devices are running the latest security patches and use strong encryption software to protect sensitive data.
- Consider using a travel device: Utilize a dedicated laptop or mobile device for your trip that doesn't contain sensitive information.
Be wary of public Wi-Fi:
- Avoid accessing sensitive information or conducting research activities on public Wi-Fi networks.
- Utilize a Virtual Private Network (VPN) to encrypt your internet connection and protect your data.
Be mindful of physical security:
- Keep your devices with you at all times and avoid leaving them unattended in public places.
- Be cautious of physical theft and implement strong password protection on your devices.
Research destination laws and regulations:
- Familiarize yourself with the cybersecurity laws and regulations of your destination country.
- Be aware of potential restrictions on data storage, encryption, and internet access.
While traveling
Practice smart online habits:
- Avoid using public computers or unsecured networks for sensitive activities.
- Be cautious of opening attachments or clicking on links from unknown senders.
- Beware of phishing scams that attempt to steal your credentials or personal information.
Be mindful of what you share:
- Exercise discretion when discussing research details or sensitive information in public settings.
- Avoid sharing export-controlled information without proper authorization.
Back up your data:
- Regularly back up your important data to a secure cloud storage service or external drive.
- Consider leaving a copy of your backup data at home in case of device loss or theft.
Upon return
- Scan your devices for malware: Conduct a thorough scan of your devices for any potential malware or security threats acquired during your travels.
- Report any security incidents: Inform UCSF IT Security or UCSF Export Control of any suspicious activity or security breaches encountered while abroad.