Personal Security Resouces

• Forward your voicemail to email, or access your voicemail from the voicemail. This configuration saves you from having to dial into your voicemail account which can potentially reveal your voicemail passcode on insecure lines. For further info, see, Voicemail (UR Source, for employees)
• Ensure you have strong passwords according to the password guidelines.
• Ensure your Antivirus is current and actively running scans.
• Backup your devices before traveling. Should your device be lost or stolen, your data will be stored safely elsewhere. Do not store the backup on portable media, such as a USB drive, and pack it with your luggage. Leave the backup at home, or at the office in an appropriately locked storage.
• Travel light: Plan to bring a minimum number of devices. Reducing the number of devices that are being traveled with reduces the risk of compromise. Do not bring a device unless it is required.
• Ensure all devices are configured to use a password, passphrase, or passcode. Ensure the passcode or password is automatically enabled when the device is unattended, locked, or sleeps. Never store the passcode with or on the device.
• Remove all sensitive, or personal data from devices before traveling. For example, for a smartphone or tablet, prior to traveling it is recommended that you save your data, reset to factory defaults, and restore your backup when you return. For laptop computers, remove any documents containing personally identifiable data, confidential data, or institutional data from your computer.
• Ensure the VPN client is installed. The VPN client should be used when accessing University services across the internet. Note: The VPN tunnel does not encrypt all traffic. Only traffic associated with University Network services is encrypted. See, technote for installation of the VPN client for multiple types of devices.
• Familiarize yourself with the Information Security policy. These policies apply when you are traveling for University business.
• Complete the online Information Security Awareness Training.
  • The Information Security Awareness Training is designed to raise awareness about information security, good information security practices, and related policy in order to help prevent unintentional compromises of sensitive information and computing systems. 
  • Specific topics related to traveling include handling of confidential data, physical security, wireless access points, recognizing and reporting a security incident, and working in public places.

• Ensure the VPN client is installed.
• The VPN client should be used when accessing University services across the internet.

• Do not plug your phone or tablet into public USB chargers or kiosks. This can be a threat to the data on the phone as the cable may be connected to a hostile computer or device designed to infect your phone.
• It is recommended to only use your own trusted chargers, cables, and power supplies.
• Do not leave your devices unattended. Do not assume that a computer or mobile device left in a hotel room will be secure.
• Be aware of your surroundings. Watch for those looking over your shoulder.
• Do not share your device with anyone else.
• Do not use public computers provided by libraries, hotels, etc. These machines should not be trusted as there is no way to confirm if malware such as keyloggers for password capturing has been installed.
• Do not accept software updates or install software while when traveling. Some attackers push application updates containing malware to hotel network users, or app stores. It is better to update your applications before traveling and then avoid updates until you return home.
• Complete only the minimum amount of business necessary while traveling.
• Minimizing the amount of sensitive data created, stored, and transmitted is important in reducing information security risk.

• Use caution when connecting to the internet using public networks.
• A public network is generally open and unsecured, which allows anyone access to it.
• These networks are available in airports, hotels, restaurants, and coffee shops, usually in the form of a WiFi connection.
• When you connect to a public network, your online activities and data transmissions can be monitored by others, and your data may be at risk.

When using a public network:

• Avoid entering any personal or confidential information, such as passwords, credit cards, etc., until you have a more secure network connection.
• Limit your use to casual browsing only, e.g., checking the news, looking up restaurant or movie information, or flight information, etc.
• Use only encrypted web services, such as websites that connect to over HTTPS, or traffic can be intercepted.
• Read, understand, and heed ALL browser warnings you see (i.e. pop-ups).
• Consider alternative Wi-Fi connections such as using a cell phone to connect to the Internet (tethering).
• Seek trusted networks that require an encryption key to utilize.
• Use VPN when accessing University network services.

• Change your uregina.ca password, and Banner password (if applicable): Instructions for changing password accounts.
• If you checked your voicemail while traveling, change your voicemail passcode.
• Ensure full malware scans are completed. If assistance is required to do so, contact the IS Service Desk.
• If any signs of an loss of confidentiality, data integrity, or data loss occur as a result of travel, follow the directions to report an information security incident.
• Save any documents you created while traveling to an external location and restore from your pre-departure backup.
• Update operating system software and applications that were deferred during travel.

• Windows: CTRL+ALT+DEL, Enter or Window+L
• Mac:  COMMAND + CONTROL + Q or use a hot corner to lock or initiate the screen saver