Foreign Travel

Cybersecurity is an increasingly important consideration for State of Wyoming employees when engaging in any type of foreign travel. But it’s exceptionally important when participating in official foreign travel involving state assets.

What is ‘Official Foreign Travel’?

Official Foreign Travel is any trip that a state employee must conduct in the performance of their official duties, which requires them to travel to a foreign country or any U.S. possessions or territory. This includes countries like Puerto Rico, the U.S. Virgin Islands, and Guam. 

Who Needs to Follow This Process?

According to Executive Order 2024-01, Foreign Travel Approval, any executive branch employee or the heads of all state agencies, departments, boards, or commissions that is planning any official foreign travel.

What are the First Steps?

The first step is to fill out a State of Wyoming Foreign Pre-Travel Request 45 days before planned travel and submit it to the Governor’s Office. This allows enough time for a thorough review and for the other steps necessary before travel. 

Once the Governor’s Office has approved your travel plans, the Wyoming Office of Homeland Security (WOHS) will contact you to schedule and complete a pre-travel briefing with members of the Wyoming Information Analysis Team (WIAT).

Smart Traveler Enrollment Program (STEP)

The Department of State’s International Travel Page contains a lot of information that may be valuable to the international traveler.  This includes the Smart Travel Enrollment Program (STEP), which all State of Wyoming employees are required to enroll in prior to travel.

The benefits of enrolling in STEP include receiving important information from the Embassy about safety conditions in your destination country, helping you make informed decisions about your travel plans, and helping the U.S. Embassy contact you in an emergency.

The Department of State also has several links to information that will help you learn more about your destination, including travel advisories and a list of embassies and consulates.

State Equipment & Official Foreign Travel

State-issued devices are not authorized to be taken outside the US without approval from the Chief Information Officer (CIO). A request for ‘burner’ equipment must be submitted to Enterprise Technology Services (ETS) at least 14 days prior to travel. These requests are made via the Service Desk Support Team Request Process (ServiceNow).

While traveling, state-owned assets must be under the physical control of the state employee at all times.  Employees cannot use hardware and software not authorized by the State on state-owned resources (e.g., USB connection storage devices).

When the employee returns to the US, all ‘burner’ equipment should be powered off and returned to ETS immediately.  Do not plug in or attach any of this equipment to the State network in any way.

Returning from Official Foreign Travel

Once a state employee returns from Official Foreign Travel, in addition to returning all burner equipment to ETS, they must complete a post-travel briefing with the Wyoming Information Analysis Team (WIAT). Again, the Wyoming Office of Homeland Security (WOHS) will make arrangements.

Cyber Tips to Keep You Safe When Traveling Internationally

When traveling internationally for business, it is crucial to prioritize cybersecurity safety.  As professionals navigate unfamiliar territories and networks, they face heightened risks of cyber threats, from data breaches to malware infections. Business travelers must take proactive measures to secure their digital devices and communications.

Do NOT leave your devices unattended; lend them to someone you just met, or leave them in your checked bag on your flight.  If you ever leave your computer, make sure to turn it off instead of just hibernating it or putting it to sleep.

Do NOT plug in untrusted accessories.  Untrusted accessories, those that came from questionable sources, can be infected with malware intended to steal your data.  Avoid plugging in any untrusted accessories (flash drive, charging cable, SD cards, etc.) to your device.  Try to plan and take all the necessary accessories with you, but if you must purchase an accessory abroad, make sure it is from a reputable source.

Do NOT enter your credentials into public computers. Public computers, such as those in hotel business center workstations and internet cafes, are often poorly managed and provide minimal security protection for users. If the need to use public computers arises during your travel, avoid entering your credentials at these public computers.

Connect only to known Wi-Fi networks. It’s tempting to stay in touch with friends and colleagues as you travel by connecting to Wi-Fi networks.  However, anyone can create a network and give the network a legitimate-sounding name, hoping to lure unsuspecting travelers into connecting while capturing personal information transmitted through the network. This is especially prevalent in public cafes, hotel lobbies, and airports.  When connecting to a network, find out the correct network name from the staff at the business and connect to it. 

Turn off your Wi-Fi when it is not in use.  Attackers can easily spoof Wi-Fi network names to connect to devices within range for eavesdropping.  To help you avoid accidentally connecting your device to rogue Wi-Fi networks at a later time,  once you are finished using the network, turn off Wi-Fi on your device.

Do not click on suspicious links or prompts.  Malicious websites commonly craft attacks to exploit a user’s curiosity, impatience or to scare them with malware threats.  These malicious attacks might come in the form of links or pop-ups that present free offers too good to be true or imminent malware infection if you don’t install the product.  Think before you click a link or “Yes” to a prompt.

Clear browsing session information when using devices that do not belong to you. Some web applications do not log you out entirely, even when clicking the logout button or closing the browser.  Such behavior allows the next person who uses the device to browse to the same page or click the back button to access your data as if you are still logged in. To prevent others from accessing your account and data, clear all the web browser session information.

Take note of the credentials you are using during the trip. Whether you are using them on your device or a public computer, they may be compromised. To be safe, take note of the credentials you used so you can change them on a trusted and secure device once you return.

Other Information to Keep You Safe When Traveling Internationally

Traveling to other countries can be an eye-opening experience, as the customs and social norms that govern daily life can differ vastly from what we're accustomed to in the United States. Always research your destination. This will help you better understand the ‘dos’ and ‘don’ts’ of a different country. Also, be aware of the crime rates where you will be staying.

Always ensure that you choose secure lodging. Research accommodations carefully and read their reviews for safety concerns. Arrange at least your first night of accommodations before you travel. If possible, arrange all your accommodations during the trip before traveling. Also, have an idea for backup accommodations.

Try to choose a location close to transportation and public services.  If you have need for special accommodations, check with the hotel to see if they have appropriate facilities, including a working elevator and ramps.

Additional Resources