Secure Remote Working - Device Considerations
Overview and User Considerations | Technical Considerations | Secure Use of Collaboration Tools | Device Considerations |
---|
BackgroundWith the increase in BYOD (Bring Your Own Device) and remote working, it is important to be mindful of what and how devices are used to conduct business activities. Each type of device be it a router, smartphone, laptop or tablet can be used to remote work which if not properly secured, become a target for compromise. It is important to remember that these devices and the software that runs on them should be used for unclassified and non-sensitive work only. This page will provide some tips and tricks as well as some common risks and security issues that come along with a BYOD model. Risks and Security ConcernsPersonal Devices in an enterprise work environment can create security risk some of which include:
These are a subset of a large list of potential areas of exploitation if a device is not secured adequately. Device Security RecommendationsUsing personal devices when working in an unclassified and non-sensitive environment is encouraged, however employee's should keep in mind best practices and recommendations when using these devices. Some general ways to protect personal devices of any kind include:
Smartphones enable us to have a direct connection to conferences, team meetings and collaboration applications. If left unprotected, devices can become and easy target for attackers. While there are many mobile devices such as smartphones, smartwatches, tablets, laptops, etc..., each device usually features the same types of communications, security settings, and in some cases share the same operating systems. BluetoothFor devices that have bluetooth capabilities, consider the following:
Authentication on Mobile DevicesThere are multiple ways of securing mobile devices such as using biometrics like a fingerprint or retina scan, and traditional passphrases or PIN numbers. While all of these are better than having no authentication at all, it is important that passphrases are robust, PIN numbers are random and uneasily guessable. An example of what NOT to do is to have your birth year as your PIN. This is easily guessable by the most trivial types of attackers, which can leave your device and data open for attack. When setting up authentication on these devices, consider the following:
Social Media and MessagingSocial media services surround our device and most of the time have broad access to areas of a device that are not commonly associated with social media apps such as Facebook, Instagram, and Twitter. In order to protect devices and personal information, consider:
Networking Devices and Internet AppliancesCloud ServicesCloud providers offer services that allow file storage, compute power, e-mail, office tools, and remote access (to name a few), which can be accessed remotely by logging into a control panel or server. Best practices when using these services include: encrypting sensitive data, use anti-malware and backup services provided by the cloud service provider (CSP), inquire on where the data is being physically stored. For more best practices and information on protecting a cloud environment visit the Cloud Security Initiative page on GCpedia. Canadian ShieldRecently, the Canadian Center for Cyber Security (CCCS) and the Canadian Internet Registration Authority (CIRA) have partnered in sharing cyber threat intelligence in order to protect Canadians and businesses from DNS server exploitation. CIRA Canadian Shield is a free protected DNS service provided by the Canadian Internet Registration Authority using intelligence provided by CCCS, that prevents you from connecting to malicious websites that might infect your device or steal your personal information. For more background and technical information, see the CCCS article on the new partnership. |