DOD MOBILE DEVICE SECURITY BEST PRACTICES DO DON’T

[Pages:2]DOD MOBILE DEVICE SECURITY BEST PRACTICES

(e.g. Laptop, BlackBerry, PDA, Removable Storage Media)

DO

DON'T

Obtain threat awareness training on Use wireless headsets

wireless usage in public areas

Use wireless hands free devices

Disable wireless devices (e.g., cell

Bring wireless enabled devices into

phones, BlackBerrys, Laptops) when

classified areas

not in use

Connect a BlackBerry device to public

Use Common Access Card (CAC) for

wireless Internet access points (i.e., Hot

authentication

Spots)

Password protect all wireless devices Leave a wireless device unattended

using 3 of the 4 attributes

Sync wireless devices to classified

1. Upper case alphabet character

computers

2. Lower case alphabet character Use text messaging services to discuss

3. Numeric character

sensitive information

4. Special character (For BlackBerrys and other PDAs use letters and numbers) Encrypt all classified and unclassified data at rest on removable storage media Remove and secure removable media and peripheral devices and secure them separately from the main device when not in use Lock and secure all devices when not in use

Perform financial, sensitive, or operational transactions in Hot Spots Accept Bluetooth connection requests from unknown sources Simultaneously connect devices using wired and wireless networks Use removable storage media unless specifically approved by your organization Use personally procured and/or owned removable storage media on DoD networks and computers

Immediately report lost or stolen DoD

wireless devices to your Security

Manager

THE CYBER WORLD IS DYNAMIC ? YOU ARE WORKING IN A CYBER WAR ZONE. STAY ALERT FOR POLICY UPDATES. FOR MORE INFORMATION, CONTACT YOUR SECURITY MANAGER

DOD MOBILE DEVICE SECURITY BEST PRACTICES

(e.g. Laptop, BlackBerry, PDA, Removable Storage Media)

DO

DON'T

Obtain threat awareness training on Use wireless headsets

wireless usage in public areas

Use wireless hands free devices

Disable wireless devices (e.g., cell

Bring wireless enabled devices into

phones, BlackBerrys, Laptops) when

classified areas

not in use

Connect a BlackBerry device to public

Use Common Access Card (CAC) for

wireless Internet access points (i.e., Hot

authentication

Spots)

Password protect all wireless devices Leave a wireless device unattended

using 3 of the 4 attributes

Sync wireless devices to classified

1. Upper case alphabet character

computers

2. Lower case alphabet character Use text messaging services to discuss

3. Numeric character

sensitive information

4. Special character (For BlackBerrys and other PDAs use letters and numbers) Encrypt all classified and unclassified data at rest on removable storage media Remove and secure removable media and peripheral devices and secure them separately from the main device when not in use Lock and secure all devices when not in use

Perform financial, sensitive, or operational transactions in Hot Spots Accept Bluetooth connection requests from unknown sources Simultaneously connect devices using wired and wireless networks Use removable storage media unless specifically approved by your organization Use personally procured and/or owned removable storage media on DoD networks and computers

Immediately report lost or stolen DoD

wireless devices to your Security

Manager

THE CYBER WORLD IS DYNAMIC ? YOU ARE WORKING IN A CYBER WAR ZONE. STAY ALERT FOR POLICY UPDATES. FOR MORE INFORMATION, CONTACT YOUR SECURITY MANAGER

DOD COMPUTING SECURITY BEST PRACTICES

DO

DON'T

Take the DoD IA Awareness Training

which details best security practices and current threats

Transfer data using commercial web email (e.g., Gmail, Yahoo) Download files from commercial web email

()

or entertainment sharing sites to DoD

Use digital signatures for DoD email Use encryption for performing financial

sensitive/operational transactions and

computers Open emails from unknown users Open suspicious email

when transferring Personal Identification Assume security is enabled on public

Information (PII) (e.g., SSN, DOB)

wireless Internet access points (ie., Hot

Notify your Security Manager when

Spots)

traveling OCONUS to ensure all

Discuss sensitive information in public

electronic devices have the latest

spaces

security updates

Place electronic devices in checked bags

Obtain threat brief before traveling

Use unknown computers for charging DoD

OCONUS

devices (e.g. USB chargers)

Consider taking back up or loaner

Have DoD devices serviced by

electronic devices on OCONUS travel

unauthorized personnel

Remove battery and media cards from Use DoD procured and/or owned

electronic devices when going through

removable storage media on non-

security check points

government networks and computers

Have electronic devices checked by

Move data between unclassified and

Security Manager after OCONUS travel

classified computing devices using

Remove your CAC from devices when

removable media

you are not physically present

Use the preview mode in your email viewer

Report suspicious emails and/or

Click on pop-up messages or unknown links

activities to your Security Manager

Store passwords on electronic devices or

online

THE CYBER WORLD IS DYNAMIC ? YOU ARE WORKING IN A CYBER WAR ZONE. STAY ALERT FOR POLICY UPDATES. FOR MORE INFORMATION, CONTACT YOUR SECURITY MANAGER

DOD COMPUTING SECURITY BEST PRACTICES

DO

DON'T

Take the DoD IA Awareness Training

which details best security practices and current threats

Transfer data using commercial web email (e.g., Gmail, Yahoo) Download files from commercial web email

()

or entertainment sharing sites to DoD

Use digital signatures for DoD email Use encryption for performing financial

sensitive/operational transactions and

computers Open emails from unknown users Open suspicious email

when transferring Personal Identification Assume security is enabled on public

Information (PII) (e.g., SSN, DOB)

wireless Internet access points (ie., Hot

Notify your Security Manager when

Spots)

traveling OCONUS to ensure all

Discuss sensitive information in public

electronic devices have the latest

spaces

security updates

Place electronic devices in checked bags

Obtain threat brief before traveling

Use unknown computers for charging DoD

OCONUS

devices (e.g. USB chargers)

Consider taking back up or loaner

Have DoD devices serviced by

electronic devices on OCONUS travel

unauthorized personnel

Remove battery and media cards from Use DoD procured and/or owned

electronic devices when going through

removable storage media on non-

security check points

government networks and computers

Have electronic devices checked by

Move data between unclassified and

Security Manager after OCONUS travel

classified computing devices using

Remove your CAC from devices when

removable media

you are not physically present

Use the preview mode in your email viewer

Report suspicious emails and/or

Click on pop-up messages or unknown links

activities to your Security Manager

Store passwords on electronic devices or

online

THE CYBER WORLD IS DYNAMIC ? YOU ARE WORKING IN A CYBER WAR ZONE. STAY ALERT FOR POLICY UPDATES. FOR MORE INFORMATION, CONTACT YOUR SECURITY MANAGER

 ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download