Docsity
Log inSign up
Docsity
Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity

Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan

Guidelines and tips
Guidelines and tips
Sell on Docsity
Sell on Docsity
Log inSign up

Prepare for your exams

Study with the several resources on Docsity

Find documents

Prepare for your exams with the study notes shared by other students like you on Docsity

Search Store documents

The best documents sold by students who completed their studies

Search through all study resources
Docsity AINEW

Summarize your documents, ask them questions, convert them into quizzes and concept maps

Explore questions

Clear up your doubts by reading the answers to questions asked by your fellow students

Earn points to download

Earn points by helping other students or get them with a premium plan

Share documents
download point icon20 Points

For each uploaded document

Answer questions
download point icon5 Points

For each given answer (max 1 per day)

All the ways to get free points
Get points immediately

Choose a premium plan with all the points you need

Study Opportunities

Choose your next study program

Get in touch with the best universities in the world. Search through thousands of universities and official partners

Community

Ask the community

Ask the community for help and clear up your study doubts

University Rankings

Discover the best universities in your country according to Docsity users

Free resources

Our save-the-student-ebooks!

Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors

From our blog

Exams and Study
Go to the blog

Cybersecurity Best Practices for Removable Media and Mobile Devices, Slides of Mobile Computing

Georgian Court University (GCU)Mobile Computing

Cybersecurity best practices for handling removable media and mobile devices in both organizational and personal contexts. Topics include approved media usage, data protection, traveling with devices, public use, and specific risks such as near field communication and gps tracking. The document emphasizes the importance of following organizational policies and securing sensitive information.

Typology: Slides

2021/2022

Uploaded on 09/12/2022

janeka
janeka 🇺🇸

4.1

(15)

260 documents

1 / 3

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
UNCLASSIFIED
Cyber Awareness Challenge 2022 Removable Media and Mobile Devices
1
UNCLASSIFIED
Removable Media and Mobile Devices
Removable media include flash media, such as thumb drives, memory sticks, and flash drives; external
hard drives; optical discs (such as CDs, DVDs, and Blu-rays); and music players (such as iPods). Other
portable electronic devices (PEDs) and mobile computing devices, such as laptops, fitness bands, tablets,
smartphones, electronic readers, and Bluetooth devices, have similar features. The same rules and
protections apply to both.
Use only removable media approved by your organization
Only use flash media or other removable storage when operationally necessary, owned by your
organization, and approved by the appropriate authority in accordance with policy
Do not use any personally owned/non-organizational removable media on your organization’s
systems
Do not use your organization’s removable media on non-organizational/personal systems
Never plug unauthorized devices into a government system
Be aware that wireless connections to the devices bring increased threats and vulnerabilities
Abide by the signed End User License Agreement for mobile devices
Understand and follow your organization’s Bring Your Own Device (BYOD) policy
Use of Removable Media and Mobile Devices
Your organization may severely restrict or prohibit the use of removable media and PEDs. Follow your
organization’s policies or contact your security POC with questions. If allowed, use appropriately:
Do not download data from the classified networks onto removable storage media
Encrypt data appropriately and in accordance with its classification or sensitivity level
As a best practice, label all removable media regardless of classification or environment and avoid
inserting removable media with unknown content into your computer
Store according to the appropriate security classification in GSA-approved storage containers
Mark all classified and sensitive material correctly
Ensure unclassified media in a classified environment is labeled appropriately
Label all media containing Privacy Act information, personally identifiable information (PII), or
protected health information (PHI) appropriately regardless of environment
Follow your organization’s policy for sanitizing, purging, discarding, and destroying removable
media
Destroy classified removable media in accordance with its classification level
pf3

Partial preview of the text

Download Cybersecurity Best Practices for Removable Media and Mobile Devices and more Slides Mobile Computing in PDF only on Docsity!

Cyber Awareness Challenge 2022 Removable Media and Mobile Devices 1

Removable Media and Mobile Devices

Removable media include flash media, such as thumb drives, memory sticks, and flash drives; external hard drives; optical discs (such as CDs, DVDs, and Blu-rays); and music players (such as iPods). Other portable electronic devices (PEDs) and mobile computing devices, such as laptops, fitness bands, tablets, smartphones, electronic readers, and Bluetooth devices, have similar features. The same rules and protections apply to both.

  • Use only removable media approved by your organization
  • Only use flash media or other removable storage when operationally necessary, owned by your organization, and approved by the appropriate authority in accordance with policy
  • Do not use any personally owned/non-organizational removable media on your organization’s systems
  • Do not use your organization’s removable media on non-organizational/personal systems
  • Never plug unauthorized devices into a government system
  • Be aware that wireless connections to the devices bring increased threats and vulnerabilities
  • Abide by the signed End User License Agreement for mobile devices
  • Understand and follow your organization’s Bring Your Own Device (BYOD) policy

Use of Removable Media and Mobile Devices

Your organization may severely restrict or prohibit the use of removable media and PEDs. Follow your organization’s policies or contact your security POC with questions. If allowed, use appropriately:

  • Do not download data from the classified networks onto removable storage media
  • Encrypt data appropriately and in accordance with its classification or sensitivity level
  • As a best practice, label all removable media regardless of classification or environment and avoid inserting removable media with unknown content into your computer
  • Store according to the appropriate security classification in GSA-approved storage containers
  • Mark all classified and sensitive material correctly
  • Ensure unclassified media in a classified environment is labeled appropriately
  • Label all media containing Privacy Act information, personally identifiable information (PII), or protected health information (PHI) appropriately regardless of environment
  • Follow your organization’s policy for sanitizing, purging, discarding, and destroying removable media
  • Destroy classified removable media in accordance with its classification level

Cyber Awareness Challenge 2022 Removable Media and Mobile Devices 2

Protecting Data on Removable Media and Mobile Devices

To protect data on your mobile computing and portable electronic devices (PEDs):

  • Lock your laptop/device screen when not in use and power off the device if you don’t plan to resume use in the immediate future
  • Enable automatic screen locking after a period of inactivity
  • Encrypt all sensitive data on laptops and on other mobile computing devices when possible
  • At a minimum, password protect Government-issued mobile computing devices; use two-factor authentication if possible
  • Secure your personal mobile devices to the same level as Government-issued systems
  • Understand your organization’s policy for using commercial cloud applications (e.g., Dropbox, Drive, etc.)
  • Maintain visual or physical control of your laptop and mobile devices at all times and especially when going through airport security checkpoints
  • Have a strategy for addressing a potential “authority situation” (e.g., police who want to inspect devices coincident with a traffic stop or an airport TSA agent check)
  • If lost or stolen, immediately report the loss to your security POC

Traveling with Mobile Devices

When traveling with mobile computing devices, including laptops and cell phones:

  • Be aware that information sent over public Wi-Fi connections may be exposed to theft, and the device may be exposed to malware
  • Fake Wi-Fi access points may be used for deception
  • Use public or free Wi-Fi only with the Government VPN Use caution when connecting laptops to hotel Internet connections. If you are directed to a login page before you can connect by VPN, the risk of malware loading or data compromise is substantially increased. When traveling overseas with mobile devices:
  • Be careful and do not travel with mobile devices, unless absolutely necessary
  • Report your travel if carrying a device approved under Bring Your Own Approved Device (BYOAD) policy so it can be unenrolled while out of the country
  • Assume that any electronic transmission you make (voice or data) may be monitored o Mobile phones carried overseas are often compromised upon exiting the plane
  • Physical security of mobile devices carried overseas is a major issue
  • Devices not in your custody or in secure U.S. Government facility storage should be assumed to be compromised