The National Security Agency (NSA) recently released guidance for the National Security System (NSS), Defense Department (DoD), and defense industrial base to help identify vulnerable internet connections and protect common wireless technologies while working on public networks.
“To ensure data, devices, and login credentials remain secure and uncompromised, cybersecurity is a crucial priority for users and businesses,” the guidance states. “This includes identifying higher-risk public networks and implementing security best practices while in public settings, whether connecting laptops, tablets, mobile phones, wearable accessories, or other devices with the ability to connect to the internet.”
NSA says that public Wi-Fi that is not configured securely can make users’ data and devices vulnerable to compromise if cyber actors employ malicious access points. NSA provided best practices for securing devices on public Wi-Fi, Bluetooth, and Near Field Communications (NFC).
NSA recommends avoiding using public Wi-Fi, if possible, and instead recommends using a corporate or personal Wi-Fi hotspot with strong authentication and encryption when possible. If connecting to public Wi-Fi, NSA says to use a personal or corporate-provided virtual private network (VPN) to encrypt traffic, as well as using secure browsing methods.
NSA recommends being wary of keeping a device’s Bluetooth feature enabled in public as “malicious actors can scan for active Bluetooth signals, potentially giving them access to information about the targeted device.”
NSA recommends that being aware of security risks with NFC – which offers the benefit of contactless payments and other close device-to-device data transfers – and, if possible, disable the function when it is not in use.