Body
PRINT DISCLAIMER: Official version of this document is accessible in the online policy library at https://policyoffice.ku.edu/. Printed copies may not reflect the most recent updates.
DOCUMENT TYPE:
Policy
PURPOSE:
To outline the requirements for the use of any University electronic devices (e.g., laptops, tablets, cell phones) and/or access to KU IT infrastructure and data during international travel.
APPLIES TO:
Any individual who has access to University electronic devices and/or KU IT infrastructure traveling internationally.
CAMPUS:
Lawrence, Edwards, Leavenworth, Juniper Gardens, Parsons, Pittsburg, Salina (KUL), Topeka, Wichita (KUL), Yoder, Medical Center (KUMC), Salina (KUMC), Wichita (KUMC)
DEFINITIONS:
KU IT Infrastructure – Any information system owned, operated, managed, or maintained by the University.
Outside the United States – Outside the 50 states, Washington DC, U.S. territories and possessions. Locations within the U.S. where extraterritorial jurisdiction is required is considered "outside the United States". Examples include but are not limited to foreign embassies or consulates, or foreign-owned facilities or offices operating in the U.S.
Electronic Device – Equipment used to perform a specific function such as processing, storing, or transmitting information.
University Business Travel – For purposes of this policy, University business includes teaching, conference attendance, research purposes and external activities that are within an individual’s area of professional expertise.
Azure Virtual Desktop – a cloud-based service from Microsoft that allows users to access virtualized Windows desktops and applications from anywhere.
POLICY STATEMENT:
The University of Kansas and the University of Kansas Medical Center (hereafter, “KU”) recognize the inherent risk to data and device security when applicable individuals travel internationally. Moreover, KU is required to protect sensitive data, comply with federal regulations, and maintain cybersecurity for those who are traveling with access to University electronic devices and/or University IT infrastructure.
In compliance with the National Security Presidential Memorandum 33 (NSPM-33), Kansas Board of Regents policy, and federal agency requirements, all applicable individuals who need to conduct University business while traveling internationally, regardless of funding source for such travel (e.g., university funded, sponsored, personally funded), are required to utilize the Loaner Laptop/Azure Virtual Desktop (LL/AVD) program to access KU data and IT Infrastructure. The LL/AVD Program provides access through issuance of electronic devices as outlined in the Loaner Laptop/Azure Virtual Desktop Procedure.
For the protection of KU data and systems, KU IT issued electronic devices, excluding devices issued by the Loaner Laptop Program, must not be transported outside the United States. KU data must also not be transported outside the United States, including data stored on personal devices and external media (e.g., thumb drives, external drives). KU data must be removed from the personal device/external media prior to travelling internationally. Visit the Loaner Laptop Program Frequently Asked Questions webpage for additional information.
All devices issued through the Loaner Laptop/Azure Virtual Desktop (LL/AVD) program are equipped with standard mass-market software (e.g., Microsoft suite) installed for connecting to the virtual environment. For protection of data, no data shall be transferred to the loaner device. Azure Virtual Desktop (AVD) is the traveler’s solution for accessing and utilizing data. AVD, which requires the use of DUO Multi-Factor Authentication, is used to access any University of Kansas network. Under current export control laws, DUO does not operate in OFAC sanctioned programs and countries. Further information regarding restrictions on DUO operation can be found on the DUO website. Accordingly, no loaner devices are issued for travel to OFAC sanctioned countries.
Any applicable individual conducting University Business while on international travel must complete an International Travel Request in Concur and receive approval 30 days prior to travel. Individuals must comply with all travel requirements within all applicable University policies.
EXCLUSIONS OR SPECIAL CIRCUMSTANCES:
Special circumstances or questions regarding application of the policy, such as the use of email on a personal phone, may be answered in the Loaner Laptop Frequently Asked Questions webpage, or by contacting Global Risk and Security directly for clarification.
CONSEQUENCES:
Failure to abide by the requirements of this policy and/or related procedures may result in the loss of future travel privileges. Applicable individuals may also be subject to loss of computer or network access privileges, including while traveling internationally, disciplinary action, suspension, termination of employment, dismissal from the University, and legal action. Some violations may constitute criminal offenses under local, state, and federal laws. The University is required to report such violations to the appropriate authorities.
CONTACT:
Global Risk and Security
KU Innovation Park
2029 Becker Drive
Lawrence, Kansas 66047
785-864-0821
GRS@ku.edu
RESPONSIBLE UNIT:
Global Risk and Security
APPROVED BY:
Chancellor
APPROVAL DATE:
02/13/2026
EFFECTIVE DATE:
02/13/2026
REVIEW CYCLE:
1 year
RELATED STATUTES AND REGULATIONS:
National Security Presidential Memorandum 33 (NSPM-33)
RELATED POLICIES:
KU Medical Center and all reporting units:
Viewing Appropriate Use of Information Systems
RELATED RESOURCES:
U.S. Department of State Travel Advisory List
Office of Global Risk & Security Export Compliance
U.S. Export Controls
Microsoft Exporting - Exporting Information
International Engagements
Foreign Travel Security
Loaner Laptop Program
CHANGE HISTORY:
02/13/2026: New policy published in the Policy Library.
TITLE:
Electronic Device Travel Policy