30 July 2021

NSA publishes guidance on how to secure wireless devices in public settings


NSA publishes guidance on how to secure wireless devices in public settings

The US National Security Agency (NSA) released a set of recommendations on how to secure wireless devices in public settings. The new guidance is designed to help National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) teleworkers identify potential threats and minimize risks to their wireless devices and data.

“Cyber actors can compromise devices over Bluetooth, public Wi-Fi, and Near-Field Communications (NFC), a short-range wireless technology. This puts personal and organizational data, credentials, and devices at risk. Devices include laptops, tablets, mobile, wearable, and others that can connect to public wireless technologies,” the agency notes.

“If users must connect to public Wi-Fi, they should take necessary precautions, such as using a personal or corporate-provided virtual private network (VPN) to encrypt the traffic.”

The info sheet provides best practices for securing devices when conducting business in public settings, as well as steps users can take to secure their devices and data.

To reduce the risks, the agency advises to avoid connecting to public Wi-Fi, when possible, and use a corporate or personal Wi-Fi hotspot with strong authentication and encryption whenever possible. It also recommends users to disable Bluetooth and NFC while in public and not in use to prevent the exposure of the information that can be used to compromise the device.

Back to the list

Latest Posts

Windows MSHTML bug used in ransomware attacks, Microsoft says

Windows MSHTML bug used in ransomware attacks, Microsoft says

According to the Windows maker, in the wild exploitation of CVE-2021-40444 began on August 18.
17 September 2021
State-backed hackers actively exploiting recently disclosed Zoho RCE bug

State-backed hackers actively exploiting recently disclosed Zoho RCE bug

The targeted entities include academic institutions, defense contractors, as well as critical infrastructure entities.
17 September 2021
Free REvil/Sodinokibi ransomware universal decryptor released

Free REvil/Sodinokibi ransomware universal decryptor released

The tool works for all REvil victims whose files were encrypted in attacks prior to July 13, 2021.
17 September 2021
Featured vulnerabilities
Multiple vulnerabilities in cflinuxfs3
Medium Patched | 17 Sep, 2021
Information disclosure in cflinuxfs3
Medium Patched | 17 Sep, 2021
Information disclosure in Git
Medium Patched | 17 Sep, 2021
Multiple vulnerabilities in GLPI
Medium Patched | 17 Sep, 2021
Multiple vulnerabilities in cflinuxfs3
Medium Patched | 17 Sep, 2021