[BreachExchange] NSA outlines Wi-Fi safety best practices

Sophia Kingsbury sophia.kingsbury at riskbasedsecurity.com
Wed Aug 4 10:55:38 EDT 2021 

https://defensesystems.com/articles/2021/08/03/nsa-wifi-security.aspx

To help remote workers remain secure, the National Security Agency issued
guidance on securing wireless devices in public.

The July 30 guidance is directed at teleworkers in the national security
system, the Department of Defense and the defense industrial base and
includes best practices for securing devices when conducting business in
public settings.

“The methods used to compromise devices and data are constantly evolving,”
NSA officials said. “As telework becomes more common, users are more
frequently bringing themselves and their data into unsecured settings and
risking exposure. By following the guidance  … users can identify potential
threats and put best practices into action when teleworking in public
settings.”

Generally, users should avoid connecting to public Wi-Fi networks and use a
corporate or personal Wi-Fi hotspot with strong authentication and
encryption. If users must connect to public Wi-Fi, they should use a
virtual private network to encrypt the traffic and only visit websites that
use Hypertext Transfer Protocol Secure (HTTPS), disable Wi-Fi when they are
finished and “forget” the access point. Laptop users should be sure file
and print sharing is turned off.

A better solution, NSA said, is the use of virtual machines that contain
Wi-Fi drivers and applications for processing untrusted data. If a VM does
become compromised, it can be discarded.

Bluetooth connections and near-field communications are likewise easily
compromised, allowing malicious actors access to corporate data and
networks, so users should disable those functions when not in use.
Additionally, Bluetooth users should ensure their devices are not in
discover mode and consider an allow/deny list of applications. To protect
against NFC compromise, users should not allow their devices near unknown
electronic equipment in case it triggers an automatic communications.

NSA reiterated common-sense advice of not sharing passwords or sensitive
data over Wi-Fi, limiting location features, using strong passwords and
trusted accessories.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20210804/3cfb5d3c/attachment.html>

More information about the BreachExchange mailing list