International travel presents unique risks to research data and cybersecurity challenges. This page contains helpful information on safeguarding research data.
Foreign Travel Security Briefing
This briefing applies to all employees and Designated Campus Colleagues who will be traveling outside of the United States of America. If you have access to U of A research information, technical data and/or controlled data, you may be a target for foreign intelligence agents because U.S. information is targeted by foreign governments. Because you meet people from various countries when traveling, it is important you are aware of potential foreign intelligence gathering activities.
You may be unfamiliar with the customs, laws, people, language and legal system of the country you are visiting causing you to rely on strangers. This vulnerability may make you an attractive target for the foreign agent. You should avoid compromising situations in which threats or blackmail could surface.
U of A's research enterprise consists of valuable data. As such anyone who has access to U of A data is susceptible to attempts to gain access to non-public information.
YOU ARE THE TARGET. Foreign information gathering is usually non-threatening, designed to go unnoticed. Here are some methods someone may use to gain access:
- Assessment (A friendly discussion to assess whether you have valuable information.)
- Eavesdropping (Listening to your conversation or using audio and video devices.)
- Theft of information
- Theft of electronic devices
- Bag Operations (Entering your hotel room to steal, copy or download information left in your hotel room.)
- Intercepting Electronic Communications
All Suspicious Contact must be reported to the Research Security Program (ResearchSecurity@arizona.edu). A Suspicious Contact is an encounter in which someone, regardless of nationality, illicitly attempts to obtain access to U of A research information, technical data and/or controlled data.
Please review the TIPS: Travel Information, Protection & Security section for information on protecting U of A research information, technical data and/or controlled data.
TIPS for Protecting U of A Research Information, Technical Data and/or Controlled Data
- Unpublished research data should be removed from any device taken to a foreign country. The Research Security Program is not responsible if unpublished research data is taken to a foreign country.
- Be aware of using public wireless networks.
- Do not use computer or facsimile equipment at foreign hotels or business centers to communicate about unpublished research data, technical data, and/or controlled data.
- Maintain physical control of all sensitive documents and equipment. Never leave your electronic devices unattended.
- Disable wireless and Bluetooth when not in use.
- Be aware of questions designed to assess whether you have valuable information (e.g., how your research is conducted, leading questions about your research, references to real or false information about U of A).
- Be aware of "fast friends" and flattery (e.g., praise, "I heard you're the expert," a common friend, provides confidential information about their research or institution).
- Use measures to ensure your personal belongings have not been tampered with while you are away from your hotel room (e.g., leave the zipper open a hand-length and ensure it's the same when you return, check for disturbances/items that may have been moved, etc.).
- Remember hotel staff may cooperate with foreign intelligence agents. Your hotel safe may not be secure.
Note: Encryption products, data, technology, blueprints or other drawings may fall under export control regulations. Contact Export Control for more information.
After reviewing requests for foreign travel, the Research Security Program will contact the traveler when a clean laptop should be used to mitigate an identified research security concern. A clean laptop is encrypted, and an endpoint management solution will be used to provide elevated security of the device. Applications and downloads will be restricted but individuals can contact the Research Security Program who will work with UITS to ascertain risks associated with the requested applications being used in a foreign country. The USB ports will be blocked on each laptop to prevent data theft.
Contact the Research Security Program
This page was last updated April 2025.