Archive

Go to:

November 2017
SMTWTFS
1234
567891011
12131415161718
19202122232425
2627282930
< Oct Dec >
Leaguer Email Subscription

You are not currently subscribed. Click Subscribe below to receive the Leaguer email.

Connectivity Risks with Smart Devices Require Heightened Awareness
Tuesday, October 24, 2017 7:00 AM

In the age of smart phones and tablets, individuals are more connected than ever before; however, the risks associated with this connectivity require a heightened awareness of device security and proper management.

Small and medium businesses (SMBs) must also consider the cost savings benefits of a "bring your own device" (BYOD) program against the risks of company data in the hands of employees “on the go.” 

Below are some tips to effectively manage mobile devices at home and in the credit union:

For everyone:

  • Keep device software and apps up to date (while major releases may offer new features, minor device updates often address security and stability issues).
  • Turn on encryption (Android devices require you to enable this setting; iOS devices will use encryption automatically once a passcode is set).[4]
  • Use a strong access passcode/password.[4]
  • Use biometrics, such as fingerprint or facial recognition features to complement passcodes.[4]
  • Guard your device and keep it locked when not in use.[2]
  • Turn on remote location services for lost devices such as "Find my Android/iPhone."[4]
  • Understand the details and permissions of apps before you install them.[1]
  • Periodically erase unused or preinstalled apps you don’t need, and consider reviewing your network settings that can include insecure Wi-Fi networks no longer used.[4][2]
  • Disable wireless and Bluetooth when it is not being used.[4]
  • Avoid public Wi-Fi and/or install a VPN for use on public Wi-Fi.[4]
  • Factory reset phones before returning or exchanging for new devices.[4]
  • Enable settings that disallow excessive login attempts (to avoid brute-forcing).[3]

For businesses:

  • Establish an enforceable BYOD and/or mobile device policy.[3]
  • Promote user education and awareness of mobile device policies and associated risks.[3]
  • Whenever possible, utilize security best practices and treat phones and tablets as you would a laptop or other company owned devices.[3]
  • Utilize a mobile device management (MDM) program. According to CIO Magazine, a recent survey indicates that only 56 percent of SMBs with a BYOD policy utilize MDM[5]. Using an MDM[3] can allow businesses to:  
    • Require device encryption
    • Require strong passwords
    • Require VPNs
    • Remote wipe devices when lost, or when employees leave the company
    • Disallow access to company networks from unauthorized devices
  • Additional tips for businesses can be found here.

Additional resources:

Mobile Security Tip Card.pdf – A DHS published tip card.
Mobile Security One Pager.pdf – Another DHS published info card that can be distributed or posted in the workplace.

Resources Referenced:

  1. dhs.gov/sites/default/files/publications/Mobile%20Security%20One%20Pager_4.pdf
  2. dhs.gov/sites/default/files/publications/Mobile%20Security%20Tip%20Card_6.pdf
  3. computerweekly.com/tip/Best-practices-for-enterprise-mobile-device-security
  4. pen-testing.sans.org/blog/2016/03/10/mobile-device-security-checklist
  5. cio.com/article/3130474/mobile-device-management/5-affordable-mdm-options-for-small-businesses.html

_____________________________________­­_______________­­__
 
Assess Your Systems and Manage Your Risk

As technology changes, every credit union faces new security issues. Let Credit Union Resources help you stay on top of it—your future could depend on it. Our team of technology professionals provides guidance on compliance, shares best practices, and performs audits. We have a vested interest in your success, and your cybersecurity matters to us. To find out how we can help you manage cybersecurity and operational risks, contact:

Idrees Rafiq
469-385-6799
800-442-5762, ext. 6799
irafiq@curesources.coop

Deanna Brown
469-385-6464
800-442-5762, ext. 6464
dbrown@curesources.coop

About Credit Union Resources Inc.
Credit Union Resources is a service corporation that provides industry-leading solutions and expertise to credit unions across the country. Credit Union Resources is a wholly owned subsidiary of the Cornerstone Credit Union League, a regional trade association representing the interests of credit unions in Arkansas, Oklahoma, and Texas.