Traveling with University Accounts and Devices
Quick Overview
- Security guidance for faculty, staff, and students who travel
- Best practices for accessing university accounts and devices off campus
- Explanation of account security monitoring during travel
- Common travel-related login and authentication issues
General Information
Traveling and Account Security
When traveling, university accounts and devices may be exposed to higher cybersecurity risks due to:
- New geographic locations
- Unfamiliar or unsecured networks
- Public or shared internet access
Following these best practices helps protect your account, your data, and university systems.
Before You Travel
Prepare Before You Leave
Before traveling, we strongly recommend that you:
- Verify you can successfully sign in to your university account
- Confirm Duo authentication is working
- Ensure you have more than one authentication method available
- Install pending operating system and application updates
- Restart your device after updates are applied
- Verify you can connect to the SFA VPN, if your role or activities require it
|
i
|
Tip
Testing VPN and authentication access before traveling reduces disruptions while you’re away.
|
While Traveling
Use Secure Connections
- Avoid public or unsecured Wi-Fi when possible
- Do not connect to unknown or suspicious networks
- Use the SFA VPN when accessing university systems from off-campus networks
- Use a personal hotspot if available
If public Wi-Fi is unavoidable:
- Avoid accessing sensitive systems
- Do not change passwords
- Log out of applications when finished
Be Cautious with Emails and Messages
Travelers are frequently targeted by phishing attempts that may:
- Appear to be security alerts
- Claim urgent account issues
- Reference travel-related activity
Do not click unexpected links or open suspicious attachments, even if they appear legitimate.
Account Security Monitoring During Travel
How Security Monitoring Works
To protect users and institutional systems, the university continuously monitors account activity for indicators of compromise. This includes detecting:
- Sign-ins from new or unusual locations
- Logins from high-risk regions or networks
- Abnormal access patterns or behaviors
This monitoring is automated and applies at all times, including while traveling.
What Is “Impossible Travel”?
Impossible travel occurs when an account appears to sign in from two geographically distant locations in an unrealistically short period of time. For example:
- A login from one country followed shortly by a login from another country
- Rapid sign-ins from distant regions that cannot reasonably be traveled between
This activity commonly indicates compromised credentials.
Why Accounts Are Locked for Impossible Travel
When impossible travel is detected, the system cannot determine which login is legitimate. To protect the account and university data, security systems may:
- Temporarily block sign-ins
- Require additional verification
- Lock the account until ownership can be confirmed
|
!
|
Important
These actions are protective security measures, not disciplinary actions.
|
Common Issues Travelers May Encounter
Additional Authentication Prompts
While traveling, you may be asked to verify your identity more frequently due to:
- New locations or networks
- Foreign internet service providers
- Increased risk signals associated with travel
This behavior is expected and helps keep your account secure.
Account Lockouts
Accounts may be temporarily locked due to:
- Multiple failed login attempts
- High-risk login activity
- Impossible travel detections
If this occurs, contact the IT Service Desk for assistance.
Duo Mobile and Network Location
When using Duo Mobile for authentication, differences in network location can sometimes trigger security alerts.
To reduce the risk of impossible travel detections:
- Ensure your computer and mobile device are connected to the same Wi-Fi network when approving Duo prompts
- Avoid approving Duo requests over cellular data while your computer is connected to Wi-Fi
- Avoid switching networks during the sign-in process
Keeping both devices on the same network helps ensure consistent location data during authentication.
How to Reduce the Risk of Account Issues While Traveling
To help prevent access disruptions:
- Use the SFA VPN when accessing university systems from off-campus networks
- Avoid signing in from multiple devices at the same time
- Fully sign out of sessions before switching locations or networks
- Use a single, trusted device when possible
- Avoid VPNs or anonymizing services not provided by the university
- Keep authentication apps and devices with you at all times
If You Need Help
Contact IT Immediately If You:
- Are unexpectedly locked out of your account
- Receive login alerts you did not initiate
- Lose a device that has university access
- Suspect suspicious account activity
Prompt reporting helps limit potential impact and restore access more quickly.
Key Takeaways
- Traveling increases cybersecurity risk
- Security monitoring continues while you travel
- Impossible travel detections are automated protections
- Using the SFA VPN and consistent networks helps reduce issues
- Preparation reduces disruptions