The National Security Agency (NSA) maintains a list of NSA Cybersecurity Advisories & Guidance and recently released a list of Best Practices For Securing Your Home Network. These are certainly worth taking a look at and for folks worried about downloading a PDF from the NSA, I’ve listed the primary recommendations at the bottom of this blog.

While reviewing the document, though, I noticed a link to their Mobile Device Best Practices and wanted to pass that along as well. While some of the best practices are more geared towards people working in a classified environment, many of them are indeed just best practices. While I understand not wanted to be ever vigilant (or paranoid!), here are a few of the best practices that I regularly follow:

• Avoid public Wi-Fi. Today, mobile networks are so fast I generally find it easier to just use my device’s network. I also try to tether my laptop with my laptop vs. connecting to public Wi-Fi.
• I always apply software updates when they are available as many of them patch known (and sometimes actively exploited) security issues.
• Use biometrics as people can shoulder surf and discover your passcode which can lead to complete digital takeover.
• Generally avoid clicking on links in text messages as this is a common vector for identify theft and more.
• Only charge your device with a charge cord you own and preferable plug into a power outlet (vs into a device you don’t trust)

Best Practices For Securing Your Home Network

Here’s a summary of the recommendations but really, it’s OK to download their PDF and check of the full recommendations and the rationale behind them! :-)

Recommendations for device security

• Upgrade to a modern operating system and keep it up-to-date
• Secure routing devices and keep them up-to-date
• Implement WPA3 or WPA2 on the wireless network
• Implement wireless network segmentation
• Employ firewall capabilities
• Leverage security software
• Protect passwords
• Limit use of the administrator account
• Safeguard against eavesdropping
• Exercise secure user habits
• Limit administration to the internal network only
• Schedule frequent device reboots
• Ensure confidentiality during telework

Recommendations for online behavior

• Follow email best practices
• Upgrade to a modern browser and keep it up-to-date
• Take precautions on social networking sites
• Authentication safeguards
• Exercise caution when accessing public hotspots
• Do not exchange home and work content
• Use separate devices for different activities