Oscar is on official government travel using a government-issued laptop, so the situation is about how to safely work with sensitive but unclassified data (CUI) in a public setting like an airport.

Core scenario

Oscar is working on Controlled Unclassified Information (CUI) on his government laptop in a public place (for example, an airport), and he is using a personal hotspot instead of public Wi‑Fi. This raises questions about whether his setup is secure enough and what extra steps he must take to protect government information in transit and from people nearby.

Key security considerations

  • Even though the laptop and network connection may be more secure than open airport Wi‑Fi, CUI can still be exposed through shoulder surfing, screen reflections, or overheard conversations.
  • Policies for CUI typically require physical safeguards (like controlling who can see the screen), technical safeguards (approved VPN, encryption), and adherence to agency rules on remote access.

Typical best practices for Oscar

  • Sit with his back to a wall or away from crowds, and use a privacy screen filter so people cannot easily read the display.
  • Use only approved secure connections (such as a government VPN over his hotspot), lock the screen when stepping away, and avoid printing, discussing, or displaying CUI where others can see or hear it.

What usually is or isn’t allowed

  • Using a personal hotspot can be acceptable for CUI if the agency’s policy permits it, the device is configured correctly, and a secure VPN is used.
  • Using open public Wi‑Fi, leaving the laptop unattended, or allowing others (including family members) to handle or view the device and its contents would typically violate CUI protection requirements.

Information gathered from public forums or data available on the internet and portrayed here.