Canadian Government Releases Unclassified Document Outlining Mobile Device Cybersecurity Strategies
With more and more people conducting personal and professional business on-the-go from their smartphones and tablets, the Government of Canada has recently released an unclassified document that contains reliable strategies for maintaining the highest levels of mobile device security. Check out our review and summary of the document below.
Government Issued Tips & Tricks for Maintaining Optimal Mobile Device Security
The last year has seen massive numbers of people migrate to predominantly virtual environments. Whether you’ve started working from home or you’ve just transitioned to doing your shopping online, chances are your smartphone and other mobile devices have become more essential than ever before.
The great thing is, mobile devices allow you to conduct professional and personal business conveniently, efficiently, and on-the-go. This means you can tackle your to-do list at any time and from anywhere. There really is no denying that the mobile device has become an invaluable tool for organizations and individuals alike. However, with the increased push of users to online environments, mobile device security has become a complex and more pressing concern.
Mobile devices – while convenient and innovative – can pose major threats to user data and organizational networks. The reality is, cybercriminals are taking advantage of the fact that more people are more connected than ever before. Mobile devices are prime targets largely because they contain huge amounts of confidential business and personal data. Mobile devices also offer an expedited route through which cybercriminals gain unauthorized access to WiFi networks, which poses an even broader set of risks.
That’s why it’s great that the Government of Canada’s Center for Cybersecurity has decided to release an unclassified document on the mobile device security tips they have created for and provided to government employees. Thanks to the release of this information, individuals, and organizations across the country can rest assured that they have access to basic mobile device security strategies that are trusted by even the highest levels of the Canadian government.
What You Need to Know: Key Information about Mobile Device Security Threats in Canada
Before we get into the tips, tricks, and strategies that the Government of Canada has laid out, it’s important to explore the information they’ve provided about what mobile device security threats look like in our country. This involves exploring what kind of threats we’re up against, the prime targets for mobile device security breaches, and the different ways those security breaches are carried out by cybercriminals.
Understanding the Threat Environment
The fact of the matter is, we’re dealing with a much more complex and fast-evolving cyber-threat environment than ever before. Cybercriminals are getting savvier, threats are constantly changing, and existing defenses like firewalls and anti-virus solutions are increasingly lagging behind existing threats. That’s why it’s critical that mobile device users understand the threat environment and keep the following reminders front-of-mind:
- Cybercriminals move fast – it’s critical that you keep your defenses up-to-speed with quickly-evolving threats.
- More and more hackers are arriving on the scene because hacking technology is free, easily accessible, and easy-to-use.
- Mobile device users are the top target for this increasingly large number of savvy cybercriminals.
- The confidential personal and professional data stored on smart-phones is of extremely high-value to these cybercriminals.
Who are the Prime Targets?
In addition to understanding the threat environment, it’s critical that all mobile device users understand who these threats apply to and the prime targets that these cybercriminals prey upon. Keep in mind that any mobile device user can be targeted, however, the government of Canada notes that the following groups and individuals are the most attractive targets for cybercriminals:
- Senior organizational executives and their assistants/staff members.
- Technical support staff like help desk operators and systems administrators.
- Any individual users or organizations that have direct access to various forms of sensitive information.
- Any individual users or organizations that conduct business remotely on mobile devices.
- Any individual users or organizations who are required to interact either directly or indirectly with members of the public.
What are the Leading Ways Mobile Devices are Targeted?
Finally, to have a thorough understanding of what you’re up against when it comes to mobile device threats, it’s critical to take a look at the key methods that cybercriminals deploy to gain unauthorized access to mobile devices and their supporting networks. Here are the different ways cybercriminals might try to get their hands on user, project, and systems data:
- Hacking your device so they can access and control it remotely – there’s even specific hacking technology that allows hackers to turn on and control your device without you knowing.
- Gaining physical access to your mobile device and tampering with the device itself.
- Exploiting the location tracking function in your mobile device to pinpoint your location.
- Sending phishing text messages with malicious links and prompts.
Strategies for Maintaining Strong Mobile Device Security
Now that we’ve gone through the key things you need to know about mobile device threats, let’s discuss some of the ways you can keep your mobile device secure and remain vigilant while conducting personal or professional business. Remember, the more time and effort you put into being proactive about mobile device security, the more likely you are to say a step ahead of savvy cybercriminals.
Everyday Strategies for Mobile Device Security
There are some simple yet powerful strategies you can put in place that will help to greatly reduce the mobile device security threats we’ve discussed above. Committing yourself to these strategies will help ensure you’re doing everything in your power to keep your sensitive or personal information locked-down.
- Conduct a threat-target assessment – try to consider all the different ways your mobile device might be exploited. Consider your daily routines and develop strategies for staying consistently on-guard.
- Always use a PIN or passcode to secure your devices. Also, consider deploying two-factor authentication tools to provide an additional layer of security.
- Always disable points of access that you’re not using. For instance, if you’re not actively using WiFi, Bluetooth, or GPS functions while working on your phone, switch them off to prevent them from being reached.
- Never join unknown, unsecured, or public WiFi networks unless it’s absolutely necessary.
- If you’re getting rid of an old device, be sure to wipe it of all stored information and reset it before selling it or passing it on to someone else.
- Never open files, click on links, or call phone numbers that you receive from unsolicited and unverified emails, text messages, or phone calls.
- Stop avoiding your software and network updates. Keep all software, operating systems, and applications consistently up-to-date to ensure security bugs are patched swiftly.
- Always make sure you review and understand the privacy and security policies for any applications you download to ensure they are sufficiently secured.
- Never use the “Remember Me” tool on websites or applications. While convenient, this function makes you more vulnerable. Always type in your username and password manually when you have to log in to any app or website.
- Make sure that all personal and confidential data and messages are encrypted.
- Stay up-to-date on existing threats and risks. Be aware of your surroundings, be extra vigilant in more risky situations, and keep track of your devices including device cables, chargers, and accessories.
Mobile Device Security Strategies for Travellers
In addition to everyday strategies for mobile device security, it’s important to consider the potential risks involved in using your mobile device when traveling outside of Canada. The more information you have before taking flight or hitting the road, the better prepared you’ll be to stay protected. Here are some things to consider before you start your trip:
- If you’re taking an organizational device, make sure you know the policies laid out by your organization about traveling and mobile-device use. This likely includes taking appropriate steps before, during, and after your trip to ensure the information on your mobile device stays secure.
- Keep in mind that in some countries, business centers and phone networks are highly monitored and rooms may even be swept and searched. Make sure you know the surveillance laws and policies for wherever you’re traveling.
- The more senior the employee, and the more sensitive the information they’re working with, the more likely they are to become a target while traveling and using a mobile device.
- Remember that mobile devices themselves are a prime target for pickpockets and thieves. If your mobile device is stolen, you need to consider the fact that any information contained within it could be accessed, shared, or used for malicious purposes.
Want to learn more?
The great thing about the Government of Canada’s cybersecurity effort is that they’ve created a whole collection of materials that are available to the public. We’ve included a list of links to other documents below. You can find additional resources and publications on a variety of topics and questions such as:
- Securing the Enterprise for Mobility
- Best Practices for Passphrases and Passwords
- Secure Your Accounts and Devices with Multi-Factor Authentication
- Have You Been Hacked?
- Cyber Security Tips for Remote Work
- Security Tips for Peripheral Devices
- Cybersecurity and Wireless Technologies
While the Government of Canada provides a whole wealth of resources for individuals and organizations alike, sometimes you might want some additional guidance or consultation to understand what you’re up against when it comes to cybersecurity – especially in an increasingly remote and virtual work world. In these cases, never hesitate to reach out to a team of professional cybersecurity experts. The right team of IT security consultants can help you better understand existing threats and develop strategies for addressing those threats head-on.
Looking for consultation and support on mobile device security or cybersecurity in general? We can help! Give us a call anytime at (613) 634-8125, or visit our website at www.onserve.ca to speak with a live agent and book a cybersecurity consultation.