A working group of the CIO Council has issued guidance on use of mobile devices by federal employees while overseas, involving both technical aspects and practices for users to follow before, during and after travel.
“Because of their portability and always-on state, mobile devices are susceptible to compromise, theft, physical damage, and loss, regardless of the user’s location. Use of mobile devices during foreign travel often intensifies this risk,” a posting on cio.gov says.
It says that a device’s camera, microphone, GPS functions, and other sensors may be used to eavesdrop on or track a traveler and that once compromised, the device could be used to steal information or attack enterprise IT systems.
“Both government and personal information are at risk, including government and personal user account information, contacts, and application data. Moreover, government and industry employees often are targeted by foreign adversaries seeking to access the government’s confidential data and intellectual property and, in some cases, the personal data of government employees,” it says.
High-profile personnel should not carry their regular-issued government-issued mobile device when traveling internationally but rather should be provided a disposable or loaner commercial mobile device when they travel to a high-threat environment, it says.
The guidance is at cio.gov/2022-02-18-final-international-travel-guidance