Whether on campus or abroad, Northeastern is dedicated to data protection and takes cybersecurity risks very seriously.
The destinations mentioned below are covered by the Policy on Portable Devices for High Cybersecurity Risk Destinations.
- North Korea (embargoed; all travel prohibited)
- Palestinian Territories
- United Arab Emirates
These regions have been identified as presenting an enhanced degree of cybersecurity risk. University travelers must take the following steps when traveling to these destinations:
- University employees should not take their own university-issued or provided laptops, tablets or mobile devices when traveling to destinations with heightened cybersecurity risk, or to sanctioned or embargoed countries.
- Should you need a device for university sponsored travel, employees are required to submit a IT Service Desk Request Form at least two weeks prior to departure to receive a university-owned loaner device (e.g., laptop, tablet, or mobile phone). Subject to available inventory, travelers on short-term personal travel to destinations with heightened cybersecurity risk may be able to obtain loaner devices.
- No intellectual property or confidential information should be downloaded to any Loaner Device. Users are not permitted to modify system settings or install additional software and should not load any files or data on to these devices.
- During travel, users must follow the Guidelines for accessing cloud storage and the university’s VPN.
- Within two business days of returning to the university, the traveler should return the Loaner Device(s) to the IT Service Desk where it will be wiped, re-formatted, and re-imaged.
Moreover, several countries restrict the import of encrypted devices and software, or require a license to bring encryption software/devices into the country (e.g., China, Iran, Israel, Russia, Saudi Arabia, and others – check with the Director of Research Integrity and Export Controls, email@example.com).