Indevtech Blog
Let’s Face It: If Anyone Knows Security, It’s the National Security Agency
The NSA—the National Security Agency of the United States of America—are pretty well-known for their digital prowess. Therefore, when they provide a list of practices to help keep our increasingly crucial mobile devices secure, it only makes sense for us to listen.
Let’s talk about some of the takeaways that we can glean from what the NSA has shared.
Examining the NSA’s Mobile Device Best Practices
The NSA's advice is available as a free download of a useful reference sheet that addresses many features that can be used to undermine security. It covers many safeguards and practices that most people might not consider, as well as the usual suspects.
Let’s consider some of each group, starting with the basics:
Common Mobile Device Security Practices
- Passwords/PINs - We will repeatedly state how important it is to use secure passwords and PINs, and the NSA agrees. They say that devices should be set to lock themselves after five minutes of inactivity and automatically wipe themselves after 10 incorrect attempts to provide the code… which they establish as the minimum requirement for having a six-digit access number.
- Application selectivity - According to the NSA, one should always be careful of the data one puts into any application. There should always be a minimal number of applications installed, exclusively from official platform app stores. All applications should also be fully closed when not in use.
- Location services - The NSA recommends disabling these capabilities whenever they are not actively in use, as you should with BluetoothⓇ connectivity.
- Software updates - The National Security Agency recommends updating mobile device software and applications “as soon as possible.”
More Specific Mobile Device Security Practices
- Pick a protective case - The NSA recommends seeking out a case for your mobile device that covers the camera when not in use and blocks ambient audio from elsewhere in the room.
- Speak softly - It is also recommended that you refrain from having conversations about sensitive topics on or even around mobile devices, at least those that aren’t encrypted via secure voice capabilities.
- Be specific about accessories - The NSA establishes that only trusted accessories—and never public ones—should be connected to a mobile device. Avoid charging the device in public charging stations.
- Leave the device alone - Some more advanced users (or those who Google things) may be tempted to jailbreak or root their mobile devices. This means that they could install otherwise unapproved applications or access the OS' subsystems, respectively. Since this also means the device is more vulnerable to threats, it should not be attempted.
It’s Important to Recognize How Simple it Is to Be Vulnerable
The long and the short of it is that cyberattacks are always improving, seeking out untapped opportunities to spread more threats and steal more data, which means that your business’ technology needs to be secured… regardless of its form factor.
That’s where Indevtech comes in. We help businesses maintain their IT for both productivity and security, and we could help yours, too. Give us a call at (808) 529-4605 to learn more.