Before travelling overseas with mobile devices, personnel take the following actions: • record all details of the mobile devices being taken, such as product types, serial numbers and International Mobile Equipment Identity numbers • update all operating systems and applications • remove all non-essential data, applications and accounts • backup all remaining data, applications and settings.
Topic
Before travelling overseas with mobile devices
Applicable to
all
History
Dec 2023
Before travelling overseas with mobile devices, personnel take the following actions:
• record all details of the mobile devices being taken, such as product types, serial numbers and International Mobile Equipment Identity numbers
• update all operating systems and applications
• remove all non-essential data, applications and accounts
• backup all remaining data, applications and settings.
The existing control relating to hardening mobile devices before overseas travel was amended to split out recommendations to configure remote locate and wipe functionality, as well as secure lock screens, as such measures are applicable to everyday use of mobile devices.
Dec 2021
Before travelling overseas with mobile devices, personnel take the following actions:
• record all details of the mobile devices being taken, such as product types, serial numbers and International Mobile Equipment Identity numbers
• update all operating systems and applications
• remove all non-essential accounts, applications and data
• apply security configuration settings, such as lock screens
• configure remote locate and wipe functionality
• enable encryption, including for any removable media
• backup all important data and configuration settings.
Miscellaneous changes were made to rationale and security controls throughout the publication. This included:
• A review from the Using the Information Security Manual chapter through to the Guidelines for Media chapter.
• Security controls suitable for all audiences have been identified with the ‘All’ applicability marking while additional security controls suitable for just government audiences have been identified with the O, P, S and TS applicability markings.
• Security controls suitable for specific classifications have been amended to include their classification(s) in the wording of the security controls to reduce the reliance on applicability markings to confer suitability.
• Tables in security controls have been converted into prose to allow for inclusion in the SSP annex template and the XML list of security controls.
• The use of ‘official’ and ‘highly classified’ terminology has been replaced with specific classifications to remove ambiguity.
• Security controls relating to high assurance ICT equipment have had their applicability narrowed to ‘S, TS’ reflecting that they are intended for the protection of SECRET and TOP SECRET systems and data.
Oct 2019
Before travelling overseas with mobile devices, personnel take the following actions:
§ record all details of the devices being taken, such as product types, serial numbers and International Mobile Equipment Identity numbers
§ update all applications and operating systems
§ remove all non-essential accounts, applications and data
§ apply security configuration settings, such as lock screens
§ configure remote locate and wipe functionality
§ enable encryption, including for any media used
§ backup all important data and configuration settings.
Technical hardening measures for mobile devices being taken on overseas travel were split out of security control 1298 into security controls 1554 and 1555. In addition, content was updated to align with advice within the ACSC’s Travelling Overseas with Electronic Devices publication.