Office of Sponsored Programs - Foreign Travel Security
Close

Office of Sponsored Programs

Foreign Travel Security

National Security Presidential Memorandum 33 (NSPM-33) and recent guidance from the Office of Science and Technology Policy (OSTP) mandated stricter requirements for foreign travel security, including mandatory training and travel reporting by academic researchers. The Office of Research and Economic Development is following these developments closely and will provide updates as we receive further guidance.

In the meantime, please note that while international travel is an important part of international collaborative research, it does present some security risks to the researcher, their research, Tennessee Tech, and national security. As such, we have provided the following best practices and useful travel tips to those who are planning to travel overseas as part of their research or academic work. These tips are often overlooked in the rush to acquire tickets, hotel reservations, visas, etc.

Always plan and do some research before traveling to another country. Know exactly where you will be staying and how to get around. Are there areas you should avoid for your own safety? Are there political or social unrests plaguing that area? Where and who can you turn to for emergency assistance?

The U.S. Department of State maintains a international travel safety website with a great deal of useful information, as well as updated travel advisories and alerts for countries around the world. It is good practice to check this website regularly before and during your travel. The Office of the Director of National Intelligence maintains a website with useful travel tips as well.

Data Protection

Please remember that secure research cannot be conducted outside the United States. This includes traveling with devices that may contain sensitive research information.

If you can travel without the mobile device issued to you by Tennessee Tech, leave it at home. This is the safest option. Limit the data you take with you on your trip to those that are absolutely necessary. Always consider the consequences if a foreign government or competitor gains access to your information.

Travel only with data needed for your trip to reduce the risks associated with a system compromise or device theft while you are traveling. 

To the greatest extent possible, preserve data within Tennessee Tech-approved cloud storage, such as One Drive, rather than on your local device.

Per Tennessee Tech policy, researchers are prohibited from taking University-provided mobile devices and/or equipment, other than cleanly-imaged laptops provided via the Loaner Laptop Program, to the following designated Foreign Countries of Concern. This applies even if you are merely transiting through these countries at some point during your travel.

  • China
  • Iran
  • Russia
  • North Korea

Some countries have been identified by the U.S. government as being areas of high-risk travel. Travel to these countries carry a significant amount of information security risks and as such, bringing Tennessee Tech-issued devices other than cleanly-imaged laptops provided through the Loaner Laptop Program to these destinations is strongly discouraged.

Researchers traveling to high-risk locations below should be aware that there is no presumption of privacy. This means you should assume all data is accessible by local government and non-governmental actors, and that any information accessed or transmitted can be compromised.

  • Afghanistan
  • Algeria
  • Belarus
  • Burma/Myanmar
  • Cambodia
  • Central African Republic
  • Cuba
  • Cyprus
  • Democratic Republic of the Congo
  • Egypt
  • Eritrea
  • Ethiopia
  • Guinea
  • Haiti
  • Hong Kong
  • Iraq
  • Kyrgyzstan
  • Lebanon
  • Liberia
  • Libya
  • Macao
  • Nicaragua
  • Niger
  • Sierra Leone
  • Somalia
  • South Sudan
  • Sudan
  • Syria
  • Taiwan
  • Ukraine/Crimea and Donbas Regions
  • Venezuela
  • Yemen
  • Zimbabwe

Additional Information about High-Risk Travel

  • Some countries, such as China, Israel, and Russia, have restrictions on the import and use of encryption tools. If encryption cannot be used, it is recommended that no regulated or restricted data be stored on mobile devices. If you have any questions pertaining to your specific destination, please email ResearchCompliance@tntech.edu.
  • In some countries, customs or border agents may ask you for the passwords to your devices.
    • If at all possible, avoid providing your password. Instead, unlock the device for the agent if you are compelled to do so.
    • “Compelled” could be due to a subpoena, the customs or border agent showing you the section of the law that provides them the right to require you to unlock your device for inspection, or circumstances in which you believe that you have little to no other viable options.
  • If any of the countries you are traveling to have technology restrictions, we strongly recommend that you use temporary mobile devices for the trip. Please see our page on the Loaner Laptop Program for information.
  • Limit the amount of information and services you access to the absolute minimum necessary while traveling in high-risk countries.
  • Depending on the destination, some VPN providers may be blocked. Do your research and prepare alternatives (different subscriptions/services, downloaded and installed).
  • In some countries, government agents may request to view your device and will go through your messages, social media, photos, browsing history, and applications. If your political or lifestyle opinions are illegal in the country you are traveling to, remove apps, photos, messages, or social media posts that may incriminate you before you cross international borders.
  • If your device is confiscated by a foreign agent or official, try to do the following:
    • Obtain the name and title of the individual(s) confiscating your device.
    • Obtain a “receipt” or comparable written documentation that describes the device confiscated, under what authority, for what purposes, by whom, and whom to contact regarding the return of the device.
    • If your official device contains Confidential or Restricted data, let the official know that you are affiliated with Tennessee Tech University (faculty, staff, student, etc.) and have sensitive information on the machine.
    • Notify the Tennessee Tech Information Technology and Services (ITS) at Helpdesk@tntech.edu or by calling 931-372-3595. Also notify the Office of Research and Economic Development at ResearchCompliance@tntech.edu or by calling 931-372-3374.

Loaner Laptop Program

If you need to bring a laptop while traveling outside of the U.S., we recommend taking a “clean” loaner laptop that does not include proprietary or sensitive information, including unpublished information that might be subject to confidentiality restrictions.

The Office of Research and Economic Development has a Loaner Laptop Program that loans out cleanly-imaged laptops, free of charge, to researchers who are going on university or sponsor funded international travel. We encourage researchers to take advantage of this program when planning a work-related trip abroad.

Travel Preparation for Mobile Devices

If you must bring your personal or work laptop with you, please consider the following best practices for keeping your data safe.

Before your trip:

  • Back up all information you take; leave the backed-up data at home.
  • Encrypt your mobile devices, including external USB/ hard drives, unless restricted by the destination country. Check travel recommendations for high-risk countries.
  • Do not store passwords or other credentials on mobile devices.
    • If you are not traveling with a clean temporary mobile device, clear all of your browser history, cached passwords, filled forms, and any other local browsing data before travel.  
    • Use a cloud password manager application to store your credentials (if required).
    • Configure your web browser(s) not to save passwords. This prevents login credentials from being saved in the browser cache. 
  • Update your mobile devices' applications and operating systems.
    • Install the latest security updates for your mobile devices and applications from trusted sources, such as Windows updates, Apple updates, and vendor websites. Do not download and install any supposed updates or patches sent via email or unknown web links.
    • Uninstall unused and unnecessary applications and turn off unneeded services on your devices, such as Bluetooth and Wi-Fi.
  • Familiarize yourself with TN Tech's Virtual Private Network (VPN) on your official device before you go. Consider having additional commercial VPN subscription(s) on your personally owned devices as a backup if there are difficulties connecting to your TN Tech VPN on your official device. VPN can help secure your communications and improve privacy when using untrustworthy networks.
    • Test your ability to access data using a VPN from an off-campus location before leaving. (On mobile devices and/or laptops).
  • Adjust your account access level to the lowest privilege level.
    • While traveling, do not use a local system administrator account (or account with administrator rights) as your primary user account. Using non-administrator accounts will help to prevent many potential incidents.
  • If you are traveling to a high-risk location, consider getting a temporary or “burner” mobile phone for use during your stay there.

During your trip:

  • Avoid transporting all devices in checked baggage.
  • Never connect to the internet using public Wi-Fi networks unless using a trusted VPN client.
  • Communication Tip on all of your mobile devices: 
    • Turn off "join wireless networks automatically." Always manually select the specific network you want to join after confirming its name and origin with the provider.  
    • Turn off wireless and Bluetooth when these features are not being used.
      • Putting your device in airplane mode and only enabling the networking technologies you need is the most effective method of achieving this. A quick web-based search using the keywords “*operating system (e.g. iOS, Windows 11)” and “airplane mode” should yield results to assist you in using airplane mode.
    • Only connect your external media to your devices
      • While USB drives and other forms of external media offer convenience in sharing and transferring files, they can also be vehicles for exploits and malware. Be wary of using untrusted external media drives on your devices while traveling.
  • Do not utilize public USB power stations to resupply power to your devices. Instead, consider bringing pre-charged battery banks and carrying an international plug adapter.
  • Never leave mobile devices unattended; be aware of who’s looking at your screen, especially in public areas. If your TN Tech mobile device or information is stolen, report it immediately following the appropriate procedures.

Upon Returning to Tennessee Tech

  • Use a trusted computer that you did not take with you on your travel to change passwords for all services and accounts you accessed while you were away.
    • At a minimum, change the passwords for the sites you accessed while you were traveling.
  • Return all the devices you took on your trip to their pre-travel configuration.
    • Before connecting to Tennessee Tech resources, turn off any services you may have enabled to facilitate your work while traveling, update and apply any patches released while you were away, and scan any data you brought back for malware.
    • For assistance, please do not hesitate to contact the Tennessee Tech IT Help Desk.

Export Control Considerations

Familiarize yourself with country-specific restrictions and prohibited activities before departure. Avoid sharing sensitive research findings in informal or unregulated settings while abroad.

Be aware of the export control regulations that apply to your research, as certain technologies, software, and data are subject to federal restrictions. Laptops, software, encryption tools, data, technology, blueprints, or other technical drawings may fall under U.S. export control regulations. A temporary license exception (TMP) or an export control license may be required before you can bring certain items abroad.

If you are unsure whether any of these apply to your situation, contact the Office of Research and Economic Development at ResearchCompliance@tntech.edu for further guidance. Export control licenses often take months to obtain, so be sure to reach out to us with plenty of time in advance of your international travel if you need assistance.

Foreign Influence and Disclosure Compliance

Accurately disclose all foreign affiliations and funding sources in grant applications and conflict-of-interest statements to ensure transparency and compliance.

Be mindful of research agreements that could pose conflicts with U.S. government regulations and policies. Avoid entering into undisclosed or informal agreements with foreign entities that could compromise research integrity. Further information on this topic can be found on our page on Undue Foreign Influence in Research.

Report any suspicious requests for information or collaborations to the Office of Research and Economic Development at ResearchCompliance@tntech.edu.

Additional Security Considerations

Passports and Other Important Travel Documents

  • Secure passports, visas, and other identification documents to prevent physical theft as well as identity theft and fraudulent use.
  • While traveling, carry copies of your passport’s ID page and foreign visa(s) with you.
  • Make sure that your passport is valid for at least six months while you travel.
  • If your passport is lost or stolen, report it immediately to the nearest U.S. embassy or consulate or call 1-877-487-2778 (TDD/TTY 1-888-874-7793). In some cases, you may be able to get a limited-validity passport if there is not enough time to get a regular passport.

Physical and Intellectual Property

  • Many countries grant their border security and other government agents legal authority to search or seize your devices while you are within their borders. Be prepared for the possibility that anything you have with you e.g. electronic devices, research papers, notebooks, etc. may be searched or seized when you enter another country.
  • Do not leave research materials, devices, or notebooks unattended, as these could be stolen or accessed by unauthorized individuals.
  • If a device, credit card, or document isn’t absolutely required for your trip, leave it at home. This is especially true for sensitive intellectual property that might have research or commercial value.
  • If you must bring cards or documents with you, make a copy of these items and store the copy in a secure place.
  • You may want to make electronic copies available to you via OneDrive, SharePoint, Google Drive, or something similar in case the original is lost and access is needed while abroad.
  • Be aware of social engineering attempts aimed at extracting sensitive information, such as impersonation scams or phishing attacks.
  • Do not assume that you or your organizational role is too insignificant to be targeted.
  • If a government agent (customs official, police, etc.) demands to examine your mobile device, or if your hotel room is searched while the device is in the room and you are not, you should assume that the device’s hard drive has been copied or compromised.

Foreign Laws and Customs

  • Be mindful of local laws and customs regarding research and technology to avoid unintended legal issues.
  • Learn about travel regulations, local laws and customs for your destination at the U.S. Department of State website.
  • Check the destination country’s official government websites or contact their embassy or consulate in the U.S. to learn what items are prohibited (such as any laws around required medications, etc.). Ignorance of the law will not spare you the consequences of breaking the law and can result in fines, detention, confiscation of items, or prosecution.
  • Always be sensitive to local customs when you are abroad.

Experience Tech For Yourself

Visit us to see what sets us apart.

Schedule Your Visit