CISA’s Mobile Device Cybersecurity Checklist for Organizations

Table of contents

• CISA’s Mobile Device Cybersecurity Checklist for Organizations
  • Security-focused device management
  • Strong Authentication
  • App Security
  • Network Communication
  • Device Protection
  • Protecting Enterprise Systems from Device
• About CISA
• Conclusion

With increasing digitization, the number of threats faced by enterprises and consumers is also increasing, and they are becoming more grave and malicious every day. Last year, we shared 8 best practices you must adopt for your enterprise to strengthen cybersecurity. As the attacks advanced, so did the security measures, and a few days back we shared how you can use artificial intelligence in cybersecurity to secure your enterprise. The process of securing your enterprise against cyberattacks isn’t a one-time thing. You need to continuously keep yourself updated in terms of the threats out there as well as your own capabilities to defend yourself.

This is an area where even governments around the world are putting in efforts, in collaboration with cyber security organizations to protect enterprises and consumers globally.

To that end, just last week, The Cybersecurity and Infrastructure Security Agency (CISA) created an Enterprise Mobility Management (EMM) system checklist for enterprises to mitigate vulnerabilities and to help them secure themselves against cyber threats.

CISA’s Mobile Device Cybersecurity Checklist for Organizations

The guide lists some easy-to-implement steps that organizations can take across six areas: security-focused device management, user authentication, mobile app security, network protection, device protection as well as protecting enterprise systems from the device. Let’s take a look at what CISA recommended in their checklist:

Security-focused device management

• Enterprises should be careful about supply chain risks while selecting devices and enable automatic updates on each device so that the latest updates are applied to each device instantly
• Enterprises should make sure that only trusted devices are allowed. To qualify as a “trusted device,” a device must:
  • Have the latest platform patch level
  • Be configured as per enterprise standards of EMM.
  • Not be rooted or jailbroken.
  • Undergo continuous monitoring

If any device doesn’t meet the above criteria, it is considered an untrusted device and should be denied access to any of the enterprise resources.

Strong Authentication

• Use strong passwords and PINS for devices and the passwords should be at least six digits.
• Enable the use of biometric authentication such as fingerprint or face recognition
• Two-factor authentication should be enabled for accessing enterprise networks

App Security

• Use only curated app stores and disable all third-party app stores. Third-party app stores can spread malware
• Enterprise apps should be isolated from personal apps. This should be done to avoid exfiltration between enterprise and personal apps. To isolate enterprise data, security container technology should be used
• Minimize personal identifiable information that is stored in apps. This will make it difficult for attackers to steal data.
• By default, disable sensitive permissions when you install new apps.
• Restrict the backing up of enterprise data by disabling OS/app synchronization

Network Communication

• Disable the network radios such as Bluetooth, Wifi, GPs, etc that are not in use or required. Each network connection is a potential entry point for attackers that can be used to steal data or control a device.
• Attackers can use user certificates to hide malware and facilitate attacks. To avoid this, user certificated should be disabled and considered untrustworthy
• Secure your communication apps and protocols because often, network attacks allow attackers to tamper with data in transit, resulting in data leak, credentials thrift, user tracing, and more

Device Protection

• Implement a Mobile Threat Defense (MTD) system. The system can protect devices from malicious software that can pose a threat to apps and operating systems and can also access sensitive data. MTD systems are also capable of detecting improper configurations.
• Use only trusted chargers and cables with the device. Malware can also be introduced through chargers or PCs and enable attackers to take control of the device.
• Configure organization devices to function in a USB restricted mode that disables data transfer between devices
• Configure the settings to automatically delete a device’s data if there have been a certain number of incorrect login attempts

Protecting Enterprise Systems from Device

Disable mobile device connectivity to critical enterprise systems as mobile devices can carry malware and create problems from business-critical applications, servers, and systems

Discourage users to establish connectivity between mobile devices and critical systems using USB or wireless mode

About CISA

The Cybersecurity and Infrastructure Security Agency (CISA), USA, leads the national effort to understand, manage, and reduce risk to the country’s cyber and physical infrastructure. They connect their stakeholders in industry and government to each other and to resources, analysis, and tools to help them build their own cyber, communications, and physical security and resilience, in turn helping to ensure a secure and resilient infrastructure for the American people. They are the Operational Lead for Federal Cybersecurity or the Federal “dot gov” as well as the National Coordinator for Critical Infrastructure Security and Resilience.

Source: CISA

Conclusion

As enterprises worldwide undergo digital transformation and adopt digital solutions, the need for securing those digital efforts becomes as critical as the solution itself. Without securing your digital ecosystem, you not only put your enterprise at risk but also your customers by making their data and privacy vulnerable to attacks and easily accessible by attackers. Other than the need for obvious security, another reason why you should level up your cybersecurity measures is that customers today not only look into customer experience as a parameter to choose you but also the level of privacy and data security that you offer. As an enterprise leader, if you’re thinking about how you can begin or fortify your existing cybersecurity measures, feel free to get in touch with us.