Mobile Security Dos and Don’ts
Mobile devices are one of the most pervasive and widely used technologies in the world today. With the rise of smartphones and tablets, mobile devices have become an integral part of daily life for millions worldwide. According to Statista, as of 2021, there are approximately 6.4 billion smartphone users worldwide, and this number is projected to reach over 7 billion by 2024.
Mobile devices are popular because they are portable, convenient, and offer a wide range of features and functionality. We tend to think of our mobile devices as “ours”, placing our trust in how they perform and not really considering what’s happening in the background. Mobile devices can be hacked, monitored, tracked, and invaded like any technology, and following mobile and computer security best practices is key to maintaining and safeguarding your data.
Additionally, mobile devices collect a wide range of personal information about their users such as location, usage, communications, and biometrics data all with the intent to personalize experiences, optimize services, and enhance advertising. This extensive data collection and reporting potentially creates a larger vulnerability than direct attacks or malware/viruses.
With the increase in work-related mobile device usage, without proper controls and management, mobile devices put the user, the company, and the data at risk, depending on your mission, that can be life-threatening and mission-impacting.
As a result, mobile security plays a large role in tactical/mission-oriented solutions. But while security in mobile devices is usually a fundamental part of the hardware design, not understanding the risks those solutions present can potentially compromise any designed-in security features.
Stay safe while using mobile devices.
If security is key, you can’t go around carrying commercial off-the-shelf (COTS) versions of the technology. While there is some security already built-in, it’s not enough in a situation where communications are contested and/or a mission is covert. CIS Secure provides a custom Android operating system (altOS) that replaces the COTS operating system to provides significant security and feature enhancements required in sensitive missions. Utilizing improved technology, such as altOS, still requires proper mobile operational security (OPSEC). Here are some general tips for staying safe on the go.
Good mobile devise best practices to employ:
- Manage your device, maintaining strict control.
- Prevent any/all unauthorized and untested updates from OS providers, Application providers, and carriers.
- Keep your device updated with the latest OS version and patches.
- Update your security software to ensure you have maximum malware and anti-virus protection.
- Analyze and Control applications installed on your device.
- Utilize an always-on VPN.
- Back up your information regularly.
- Use strong PINs and passwords.
- Utilize two-factor authentication.
- Set your device to lock after a brief period of inactivity.
- Know what permissions you are giving to apps before you accept their requests.
- Reboot your mobile device frequently.
Operational Security
Safe operation while in use:
- When you are not using your device, disable remote connectivity and Bluetooth.
- Use caution connecting to public wireless and don’t conduct any sensitive business on a public device.
- Download files only from trusted sources.
- Control location services and application access to International Mobile Equipment Identity (IMEI).
Caution to take when using public wifi:
- Public Wi-Fi is not always secure, look to utilize sites using wifi protected access (WPA) and WPA2 encryption.
- Always utilize a VPN and sites utilizing Secure Socket Layer (SSL) “https” when accessing the Internet.
- When you are done accessing data, log out.
- Use different passwords at the sites you visit.
- Avoid using public computers, such as in hotel business centers, libraries, and cyber cafes.
The good news about cellular networks
Generally speaking, you will always be safer using your device’s secure cellular network. With 5G, organizations will be able to “slice” the network, isolating specific devices or data from others based on user, device or other parameters.
AND never do this!
Even if only for a moment, never leave your device unlocked or unattended, including external storage devices. Immediately report stolen phones. And wipe data and reset phones to factory settings before disposing of them.
Be sure you’re secure.
When it comes to mobile security in the Intelligence Community and other sensitive government organizations, the goal is not just to protect the data. You have to protect the people, as well.
CIS Secure’s altOS™ mobile platform turns mobile devices into secure communications solutions that protect and defend. With altOS, one phone can contain multiple secure containers (aka multiple virtual phones in one device), enabling different profiles that use different security protocols and minimizing the number of devices each user must carry. The technology not only repels hackers, but also masks your location. altOS is integrated and managed by our robust management console. CIS Secure delivers a world of options for organizations looking to manage mission security. When CIS Secure devices are used in tandem with common-sense security practices like those above, mission security is assured.
To learn how CIS Secure can help secure your mission with personal protected mobile platform, schedule a call today.