NSA outlines Wi-Fi safety best practices

To help remote workers stay secure, the National Security Agency issued guidance on securing wireless devices in public.

To help remote workers remain secure, the National Security Agency issued guidance on securing wireless devices in public.

The July 30 guidance is directed at teleworkers in the national security system, the Department of Defense and the defense industrial base and includes best practices for securing devices when conducting business in public settings.

“The methods used to compromise devices and data are constantly evolving,” NSA officials said. “As telework becomes more common, users are more frequently bringing themselves and their data into unsecured settings and risking exposure. By following the guidance  … users can identify potential threats and put best practices into action when teleworking in public settings.”

Generally, users should avoid connecting to public Wi-Fi networks and use a corporate or personal Wi-Fi hotspot with strong authentication and encryption. If users must connect to public Wi-Fi, they should use a virtual private network to encrypt the traffic and only visit websites that use Hypertext Transfer Protocol Secure (HTTPS), disable Wi-Fi when they are finished and “forget” the access point. Laptop users should be sure file and print sharing is turned off.

A better solution, NSA said, is the use of virtual machines that contain Wi-Fi drivers and applications for processing untrusted data. If a VM does become compromised, it can be discarded.

Bluetooth connections and near-field communications are likewise easily compromised, allowing malicious actors access to corporate data and networks, so users should disable those functions when not in use.  Additionally, Bluetooth users should ensure their devices are not in discover mode and consider an allow/deny list of applications. To protect against NFC compromise, users should not allow their devices near unknown electronic equipment in case it triggers an automatic communications.

NSA reiterated common-sense advice of not sharing passwords or sensitive data over Wi-Fi, limiting location features, using strong passwords and trusted accessories.

See the fact sheet here.

This article first appeared on GCN, a Defense Systems partner site.