Loaner Laptop Program
Background
Travel with electronic devices presents risk as it relates to export compliance, loss or compromise of data, and unauthorized access to University IT infrastructure. For example, research data or software may be export controlled and may require a license prior to export from the United States. Work devices with locally stored sensitive data such as Personally Identifiable Information (PII) or research data are at risk of compromise. While encryption is a best practice to protect data on issued devices, some countries may seize or require decryption of encrypted devices prior to entry. Travel also presents the risk of device loss or compromise through untrusted or public networks, such as airports or hotels, potentially allowing unauthorized access to University IT infrastructure. The Loaner Laptop/Azure Virtual Desktop program aims to mitigate these risks.
The Loaner Laptop/Azure Virtual Desktop program allows employees and researchers to access the standard University suite of resources (email, Microsoft Office 365 applications, OneDrive, Teams, Canvas, etc.) as well as data on Research File Storage and Network File Storage for KUL and KUMC, respectively. KUL and KUMC IT departments maintain lists of available specialized software for use in the environment. Employee requirements for use of specialized software, access to storage, or computational resources can be coordinated with IT during the loaner laptop request process. For computationally intensive research, the program also allows researchers to access high performance computing resources (KUL only).
Azure Virtual Desktop (AVD) is a virtual environment accessed through the loaner laptop. In the AVD environment; University data, software, and resources remain U.S. based and can be manipulated and saved via the loaner laptop. This capability protects University data, promotes export compliance, and enhances the University’s cybersecurity posture. Upon return from travel, the laptop is reimaged by central IT and prepared for reissue.
Request Process
The loaner laptop request is built into the One KU Concur Travel Request workflow. All employees who intend to conduct University business during international travel, regardless of funding source, should submit a Concur Travel Request. The process of submitting University business Travel Requests remains unchanged. However, employees traveling on personal or external funds (e.g. conference or university sponsorship) and conducting University business should submit a “zero-cost” Travel Request. All international travel requests must be approved at least 30 days prior to travel, per the Official University Business Travel policy.
For university related “zero-cost” trips where no costs are being covered or reimbursed by the university, use the Personal/Non-Reimbursable expense type and put 0 (with no $) in the Amount and add a comment to explain that you are not seeking university funding.
FAQs
On the Lawrence campus, the intended devices for use are the Dell Latitude 7350 Ultralight, the Dell Pro 13 Premium, and the Dell Pro 16 Plus, which are both just over 2 and 4 pounds, respectively.
Yes. IT has designed a solution for users who require the MacOS platform. While the loaner device itself is not Apple hardware, the environment to which the user connects operates MacOS on Apple hardware.
Yes, KUL IT can ship the loaner devices to you domestically if you reside more than 50 miles from your assigned campus. Shipments to international locations will be evaluated by IT and GRS and is not guaranteed. Currently, IT absorbs the cost of shipping loaner devices.
KU data is defined in both the Data Classification and Handling Policy and the Data Classification and Handling Procedures Guide. IT infrastructure refers to networks, storage, and systems operated, owned, or maintained by the University.
KUL IT has designed a solution for users with specialized or single license software. The "International Export Control and Laptop Checkout" form is the means to communicate your needs to both GRS and IT to begin that discussion. Assuming a 30-day lead time for international travel, there should be ample time review and support your needs in a compliant manner.
If connectivity is an issue at your destination, GRS and IT will work with you to create an off-line solution to conduct your work. The "International Export Control and Laptop Checkout" form is the means to communicate your needs to both GRS and IT to begin that discussion. Assuming a 30-day lead time for international travel, there should be ample time review and support your needs in a compliant manner.
What is being presented, who receives the presentation, and where the presentation takes place are all export control concerns. Sharing defense articles or non-fundamental research with non-U.S. persons will or may require a license, respectively. The determination of what is fundamental research is often not straightforward, and GRS is here to assist in that determination. If you are presenting on funded research at an international conference, contact GRS@ku.edu to evaluate your presentation. If approved for export, you will receive an exception to the Electronic Device Travel Policy to transfer your presentation to the loaner laptop.
All network storage at KUMC (P, R, S, etc.) and KUL (ResFS, CFS, etc.) is accessible via Azure Virtual Desktop (AVD).
Yes. Users must return loaner laptops within 5 business days of the completion of their trip as requested in Concur.
As it pertains to the duration of travel, a time limit has not yet been clearly defined. Recently, for long term travel and in periods of expected high demand, we have requested the sponsoring department fund the purchase of a loaner laptop which will be managed by central IT and the loaner program. That laptop may enter departmental circulation after the extended travel or, if funding allows, be absorbed into the loaner program. Please contact GRS to discuss your specific needs.
Yes. As an example, you may read and respond to emails on your personal device while traveling internationally. O365 mobile applications like Outlook and OneDrive are designed to access data in the cloud and are not restricted. It is only when data is brought from the cloud and stored on a local device that an export may occur, if you are traveling internationally. This is also why University data should not be transferred to the loaner device without approval from GRS.
The Electronic Device Travel policy does not preclude employees from accessing KU systems domestically with personal devices. However, if the employee is traveling internationally and intends to access University resources, the employee must do so through the Loaner Laptop/AVD program.
On the Lawrence campus, AVD allows connections to the community cluster for your HPC needs. If you have a research laptop or desktop you would like to connect to during your travel, KU IT has a solution. The "International Export Control and Laptop Checkout" form is the means to communicate your needs to both GRS and KU IT to begin that discussion. Assuming a 30-day lead time for international travel, there should be ample time review and support your needs in a compliant manner.
Still have questions?
Please contact Global Risk and Security at GRS@ku.edu or 785-864-0821.