The Network Communications Community CAFE is developing a document to provide general guidelines for securing computers, portable devices, and data when travelling. In talking with people from various departments around campus, we have discovered that while many units have travel guidelines and procedures for their own faculty and staff, there isn't any place where all the various issues are pulled together in a single reference guide.

For this reason, I'm asking for help from the MSU community. What we hope to accomplish is to create an easy to read checklist that outlines major areas of concern that any staff or faculty could easily read. This checklist would refer to a more detailed document which described computing and data issues related to travel, and also provided best practices and guidelines for protecting computers, portable devices, and data on the road. Where other MSU offices have already developed excellent documentation, we will simply refer to that office's web site or online documentation as available (for example, the Office of Export Controls.)

Your feedback is necessary to create both the checklist and the final document. If you would be willing to contribute a few paragraphs on any of the topics listed below, suggest additional topics, or tell us about links to great documents already online, please post your contribution here, or email it directly to the NCC-CAFE chairperson, John Resotko [log in to unmask]">([log in to unmask] ).

The list below is our starting point, and is not intended to be complete or comprehensive. These are the topics where we currently need contributions:

General laptop security: updates, using virus scanners and firewalls.

General laptop access controls: who will use the computer when you travel and how will they login?

Wireless on the road: safety and best practices before you use a wireless hotspot.

Wired network connections: safety and best practices before you use a wired connection in a hotel, conference center, or other site.

PDA and Cell phone safety: What do you keep on your PDA/Cell and how do you protect portable devices? Portable storage: safety and best practices for storing data on removable USB storage.

Public internet stations and kiosk computers: best practices and precautions before using others computers.

Network Access to MSU: How to create secure connections to MSU, Virtual Private Networks (VPN), and best practices for network connections to MSU.

Saving data to your travel computer: What MSU considers sensitive data awareness, taking only what you need, and leaving sensitive data off your hard drive if you don't need it for your work.

Email on the road: how secure is your email while you travel, and what can you do to safeguard information  in your email?

Data usage at the travel destination: What data, information, and documents will you be gathering and creating at the travel destination, and what FERPA, UCRIS, or other data issues impact that data, how it is collected, and how it is stored?

Bringing data home: will you carry data created at your destination back on your laptop, on a USB drive, or will you connect to a system at MSU and transmit the data back before you leave?

Network phones over the Internet: Do you use SKYPE or other Voice-over-IP network phone to stay in contact with colleagues at MSU? How secure is that phone call, and what can you do to improve privacy with VoIP services?

My thanks in advance for any assitance you are willing to provide. I look forward to your responses.

 

John A. Resotko
Head of Systems Administration
Michigan State University College of Law
208 Law College Building
East Lansing, MI  48824-1300
email: [log in to unmask]
Phone: 517-432-6836
Fax: 517-432-6861

 

Current Chairperson of the
MSU Network Communications Community