This publication provides technical guidance on strategies that organisations can take to secure the use of electronic devices that individuals take with them when travelling overseas.
First published 2012; updated 2018; reformatted January 2019
This publication has been developed to assist IT security staff to secure electronic devices and information before employees travel overseas. It should be read in conjunction with the guidance in Travelling Overseas with Electronic Devices (User Guidance).
For devices carrying classified information, the Australian Government Information Security Manual (ISM) contains further guidance.
The following mitigation strategies should be implemented before employees travel overseas in order to maximise the security of devices and the information held on them. This is general guidance which may not be applicable to every device.
- Update the operating system and all applications on devices. Most updates are fixes for identified security vulnerabilities and should be applied as soon as they become available.
- Restrict administrative privileges on devices to only users who need them. Restrict user’s rights in order to permit them to only execute a specific set of predefined functions as required to complete their duties.
- Implement application whitelisting on devices, such as Microsoft AppLocker, to only allow approved programs to run. For tablets and smartphones, use Mobile Application Management tools to specify which applications are allowed to be run.
- Install antivirus software on devices. Virus pattern signatures should be checked for updates several times per day and installed as soon as they become available. All storage should be regularly scanned for malicious code.
- Where possible, install a firewall to protect against malicious incoming network traffic.
- Disable unnecessary features or software; minimising software on devices reduces opportunities to gain access to devices through software-based security vulnerabilities.
- Implement passphrase policies as per the ISM or device-specific hardening guides.
All devices should be encrypted to mitigate the risk of unauthorised access to information if a device is lost or stolen. In doing so, organisations should use either full disk encryption or partial disk encryption where access controls will only allow writing to encrypted partitions.
Full disk encryption provides a greater level of protection than file-based encryption. While file-based encryption may protect individual files, there is a risk that unencrypted copies of the file may be left in temporary locations used by the operating system. Full disk encryption also allows operating system and software files to be more easily protected from an adversary with physical access.
Configure wireless security settings on devices such that they can’t connect to ad hoc wireless networks. Further, configure devices such that split tunnelling is disabled when users connect back to the organisation via a Virtual Private Network (VPN) to browse the web or access their emails. Finally, disable Bluetooth pairing by default. This can be enabled if required but should be done prior to the departure of employees on overseas travel.
The Australian Government Information Security Manual (ISM) assists in the protection of information that is processed, stored or communicated by organisations' systems.
The Strategies to Mitigate Cyber Security Incidents complement the advice in the ISM.
Organisations or individuals with questions regarding this advice can contact the ACSC by emailing email@example.com or calling 1300 CYBER1 (1300 292 371).