This advice is intended to help you make use of our IT facilities overseas. There is more detailed University policy and guidance that you should follow if you are handling particularly sensitive data or carrying out sensitive research:
If you are visiting countries that implement web filtering, you may be unable to access some resources. When travelling anywhere overseas, you should be aware that data on any devices you take with you may be at risk. The risk will vary according to the country you are visiting, and the type of data you have.
The guidance we give here is quite general - the situation in any country changes regularly, and can vary between regions within the country, so it's difficult to give any definitive guidance. Please get in touch with us (email email@example.com) well before your trip if you want to discuss any concerns.
Countries or regions where access to Google Apps is unreliable or restricted currently (April 2016) include:
Countries where access to Duo for 2 factor authentication is unreliable or restricted currently (May 2022) include:
Attempts to authenticate will be blocked and you will not be able to connect to the University VPN or other services that use Duo.
If the resource you need is blocked, you may be able to access it using either the University's VPN or the Virtual Desktop Service. However, it is possible that access to these services may also be blocked in some areas.
If you are able to connect to the University VPN (Virtual Private Network), it will allow you to access resources which are otherwise restricted in a country. Find out how to access the VPN at:
We recommend installing GlobalProtect application to connect to the VPN, and that you set this up (and check that it's working) before you leave. This will give you the best experience for using Google Mail and other resources.
For students in China we provide China Connect to allow access.
Note: If you're using the Web VPN (by logging into https://webvpn.york.ac.uk through your browser), you will find that you are unable to login to your Google account as the Google login screen does not work through the Web VPN.
If you're using the VPN, or if connections to the internet are slow, use the HTML version of Google Mail - it will load more quickly:
If you have two factor authentication (2FA) enabled on your Google account, make sure you are using the Google Authenticator app rather than text messages, as SMS delivery can be unreliable and expensive. Install the app and check that it's working correctly before you travel.
Note: It's still important that you are aware of, and abide by, the laws of the country you are visiting. For example, if you use the VPN to access pornographic material in a country where use of pornography is illegal, you may face legal action if caught.
For general use, we recommend encryption as a means of protecting the data on your laptop in case of loss or theft. However, some countries (eg China and Russia) do not allow the import or export of encrypted devices. Attempts at hiding encrypted disk partitions may be detected, and lying in response to border official questioning about the existence of encrypted disk partitions may be a potentially serious criminal offence.
In some countries, unattended laptops (encrypted or not) may be tampered with (eg hotel employees may install keyloggers). This is a particular risk if you deal with sensitive information relating to (for example) high technology, defence, human rights, or other politically sensitive matters.
Laptops, tablets, phones and other mobile devices may be attacked and compromised via malware or automated attack tools. Commercially available security software, even when completely up to date, may not prevent this.
Devices taken across international borders may be subject to official governmental review and even complete duplication (eg in some countries, Customs officers may temporarily seize your device, and keep a copy of its entire system on entry or exit).
Our advice is that you take a cheap device that you only use for this purpose. Start with it blank, populate it with as little data as possible, and don't let it out of your sight. We advise that you access IT facilities using the Virtual Desktop Service (VDS) rather than storing data on the device. Departments may want to maintain a pool of cheap laptops or tablets for this purpose. We provide information on our purchasing pages, but the market in low-cost devices changes regularly, so please contact us for advice.
If it is left unattended at any time (even in a locked room and/or locked safe) and you have any concerns, we recommend that you dispose of it on return to the UK. If this isn't practical, then you need to ensure that the device is fully erased, and then kept only for use on future trips. Contact us for advice on how to erase the device.
Make sure that your new device meets all of our security guidelines, including installing anti virus software, enabling automatic updates, and setting a strong password.
If you are handling particularly sensitive data or carrying out sensitive research, you may need to take further precautions. Follow the University policy and guidance relating to Information Security, and contact us for advice before you travel.
Never use computers in internet cafes or hotel/airport business centers, or systems belonging to other travelers, colleagues, or friends. They may be monitored or infected with malware.
If you have any other concerns or specific questions, please email firstname.lastname@example.org, and our Security team will be able to offer you advice.