NSA Mobile Device Security Best Practices

You can now listen to this article
Subscribe
Voiced by Amazon Polly

Agency owners and staff know how important it is to protect private client information contained in your office systems.

However, I don’t remember hearing much about steps you should take to protect that same information on your staff’s mobile devices. Typically, agencies don’t require producers or other agency staff to use an agency-purchased mobile phone. Instead, they might offer a monthly allowance to help offset the cost of their phone.

Not being able to control this hacking exposure creates the risk of a hacker getting access to the mobile device and extracting private client information that might be contained on the phone. Or finding passwords that would allow them access to internal agency systems.

I stumbled across a publication from the National Security Agency (yes, that NSA) called Mobile Device Best Practices. It lists 16 steps anyone can take that will help to protect their mobile device from a hacker. These best practices outline steps anyone can take to protect personal devices and information better.

NSA Mobile Best Practices

As you can see from the graphic, there are many things to keep in mind. I am reasonably confident I will not take all of the steps consistently.

However, there is one recommended step that is easy to implement.

Turn your phone off and on weekly.

It’s that simple. If you’re like me, I never think about turning my phone off until there is some perceived problem. Then “rebooting” your phone becomes the first step in troubleshooting the problem.

However, setting a reminder on a repeating calendar item to turn your phone off and on weekly is an easy way to help thwart hackers that might try and get access information contained on your device.

I highly recommend you download this simple two-page guide and distributed it to all of your staff. Once again, a small amount of prevention could prevent a major catastrophe.

What steps have you taken to help protect agency-client information that might be contained on personal mobile devices?

Please note: I reserve the right to delete comments that are offensive or off-topic.

Leave a Reply

Your email address will not be published.

2 thoughts on “NSA Mobile Device Security Best Practices

  1. Thanks for sending this out Steve! I’m just starting a project to develop an agency BYOD (“Bring Your Own Device”) policy for all agency management and staff, and having the NSA guidelines will be a big help in defining our requirements. In addition to the NSA guidelines, I’m thinking of requiring anti-virus software on the phone as well. Any thoughts you can share with us on the current state of smart phone AV apps would be of interest to both I and my fellow readers I’m sure.

  2. Great article with invaluable information. Like you, I don’t think most of us consider the risk associated with information on our phones. Having the tools to mitigate that risk paramount. Thanks for sharing.