Based on the recommendation by the Cybersecurity and Infrastructure Security Agency (CISA)
A few months ago, the United States Cybersecurity and Infrastructure Security Agency (CISA) published a Capacity Enhancement Guide (CEG) to help consumers secure mobile devices. Below is an extract from the CEG. It applies to any device and is especially relevant to organizations that allow employees to connect to enterprise networks from personal devices.
Below are simple cyber hygiene steps everyone should follow to improve the cybersecurity of their mobile devices.
Keep your device(s) up to date
- Update platform — Enable automatic operating system updates to enhance privacy/security and fix flaws.
- Update apps — Enable automatic app updates to ensure you use the most current security technologies.
Use Strong Authentication
- Enable device authentication — Set strong login passwords/PINs and use biometric authentication.
- Enable two-factor authentication — Enable two-factor authentication for apps or websites that support it.
App Security Good Practices
- Use curated app stores — Disable third-party app stores, which can be vectors for the spread of malware.
- Delete unneeded apps — Periodically review and delete unused or no longer needed apps.
- Minimize PII in all apps — Limit personally identifiable information (PII) stored in apps.
- Grant least privilege access to all apps — Set the privileges on your installed apps to minimize access to PII.
- Review location settings — Only allow an app to access your location when it is in use.
Protect Network Communications
- Disable network radios that are not required (BT, NFC, Wi-Fi, GPS) — Every connection is a potential point of attack.
- Avoid public Wi-Fi — Cybercriminals can use public Wi-Fi networks, often unsecured, for attacks.
Protect the Device
- Install security software — Security software (e.g., mobile threat defence) protects against malware.
- Use only trusted chargers and cables — A malicious charger or PC can load malware onto smartphones that may evade protections and take control of them. A phone infected with malware can also threaten external systems such as personal computers.
- Enable lost device function — Enable settings to automatically wipe the device’s data after a certain number of incorrect login attempts (e.g., 10) and enable the option to wipe the device remotely.
Ultimately, each of us should follow the above recommendations and, on top of those, check an email’s legitimacy before opening an attachment or a link. Likewise, not clicking on links in emails in your junk or spam folders will protect you from unwanted cyber incidents.
About the Author:
Vinoth Venkatesan
Vinoth is a cybersecurity professional at heart with over two decades of experience in Information Technology and Cybersecurity. He is an Australian Computer Society (ACS) Senior Certified Professional in Cybersecurity and holds various industry-leading cybersecurity credentials. Vinoth loves to write about the latest cybersecurity happenings and blockchain-related articles.