DOD MOBILE DEVICE SECURITY BEST PRACTICES (e.g. Laptop, BlackBerry, PDA, Removable Storage Media) DO DON’T Obtain threat awareness training on Use wireless headsets wireless usage in public areas Use wireless hands free devices Disable wireless devices (e.g., cell Bring wireless enabled devices into phones, BlackBerrys, Laptops) when classified areas not in use Connect a BlackBerry device to public Use Common Access Card (CAC) for wireless Internet access points (i.e., Hot authentication Spots) Password protect all wireless devices Leave a wireless device unattended using 3 of the 4 attributes Sync wireless devices to classified 1. Upper case alphabet character computers 2. Lower case alphabet character Use text messaging services to discuss 3. Numeric character sensitive information 4. Special character (For Perform financial, sensitive, or BlackBerrys and other PDAs use operational transactions in Hot Spots letters and numbers) Accept Bluetooth connection requests Encrypt all classified and unclassified from unknown sources data at rest on removable storage Simultaneously connect devices using media wired and wireless networks Remove and secure removable media Use removable storage media unless and peripheral devices and secure specifically approved by your organization them separately from the main device Use personally procured and/or owned when not in use removable storage media on DoD Lock and secure all devices when not networks and computers in use Immediately report lost or stolen DoD wireless devices to your Security Manager THE CYBER WORLD IS DYNAMIC – YOU ARE WORKING IN A CYBER WAR ZONE. STAY ALERT FOR POLICY UPDATES. FOR MORE INFORMATION, CONTACT YOUR SECURITY MANAGER DOD MOBILE DEVICE SECURITY BEST PRACTICES (e.g. Laptop, BlackBerry, PDA, Removable Storage Media) DO DON’T Obtain threat awareness training on Use wireless headsets wireless usage in public areas Use wireless hands free devices Disable wireless devices (e.g., cell Bring wireless enabled devices into phones, BlackBerrys, Laptops) when classified areas not in use Connect a BlackBerry device to public Use Common Access Card (CAC) for wireless Internet access points (i.e., Hot authentication Spots) Password protect all wireless devices Leave a wireless device unattended using 3 of the 4 attributes Sync wireless devices to classified 1. Upper case alphabet character computers 2. Lower case alphabet character Use text messaging services to discuss 3. Numeric character sensitive information 4. Special character (For Perform financial, sensitive, or BlackBerrys and other PDAs use operational transactions in Hot Spots letters and numbers) Accept Bluetooth connection requests Encrypt all classified and unclassified from unknown sources data at rest on removable storage Simultaneously connect devices using media wired and wireless networks Remove and secure removable media Use removable storage media unless and peripheral devices and secure specifically approved by your organization them separately from the main device Use personally procured and/or owned when not in use removable storage media on DoD Lock and secure all devices when not networks and computers in use Immediately report lost or stolen DoD wireless devices to your Security Manager THE CYBER WORLD IS DYNAMIC – YOU ARE WORKING IN A CYBER WAR ZONE. STAY ALERT FOR POLICY UPDATES. FOR MORE INFORMATION, CONTACT YOUR SECURITY MANAGER DOD COMPUTING SECURITY BEST PRACTICES DO DON’T Transfer data using commercial web email Take the DoD IA Awareness Training (e.g., Gmail, Yahoo) which details best security practices and current threats Download files from commercial web email (http://www.dodiatraininghq.com/) or entertainment sharing sites to DoD computers Use digital signatures for DoD email Open emails from unknown users Use encryption for performing financial sensitive/operational transactions and Open suspicious email when transferring Personal Identification Assume security is enabled on public Information (PII) (e.g., SSN, DOB) wireless Internet access points (ie., Hot Notify your Security Manager when Spots) traveling OCONUS to ensure all Discuss sensitive information in public electronic devices have the latest spaces security updates Place electronic devices in checked bags Obtain threat brief before traveling Use unknown computers for charging DoD OCONUS devices (e.g. USB chargers) Consider taking back up or loaner Have DoD devices serviced by electronic devices on OCONUS travel unauthorized personnel Remove battery and media cards from Use DoD procured and/or owned electronic devices when going through removable storage media on non- security check points government networks and computers Have electronic devices checked by Move data between unclassified and Security Manager after OCONUS travel classified computing devices using Remove your CAC from devices when removable media you are not physically present Use the preview mode in your email viewer Report suspicious emails and/or Click on pop-up messages or unknown links activities to your Security Manager Store passwords on electronic devices or online THE CYBER WORLD IS DYNAMIC – YOU ARE WORKING IN A CYBER WAR ZONE. STAY ALERT FOR POLICY UPDATES. FOR MORE INFORMATION, CONTACT YOUR SECURITY MANAGER DOD COMPUTING SECURITY BEST PRACTICES DO DON’T Transfer data using commercial web email Take the DoD IA Awareness Training (e.g., Gmail, Yahoo) which details best security practices and current threats Download files from commercial web email (http://www.dodiatraininghq.com/) or entertainment sharing sites to DoD computers Use digital signatures for DoD email Open emails from unknown users Use encryption for performing financial sensitive/operational transactions and Open suspicious email when transferring Personal Identification Assume security is enabled on public Information (PII) (e.g., SSN, DOB) wireless Internet access points (ie., Hot Notify your Security Manager when Spots) traveling OCONUS to ensure all Discuss sensitive information in public electronic devices have the latest spaces security updates Place electronic devices in checked bags Obtain threat brief before traveling Use unknown computers for charging DoD OCONUS devices (e.g. USB chargers) Consider taking back up or loaner Have DoD devices serviced by electronic devices on OCONUS travel unauthorized personnel Remove battery and media cards from Use DoD procured and/or owned electronic devices when going through removable storage media on non- security check points government networks and computers Have electronic devices checked by Move data between unclassified and Security Manager after OCONUS travel classified computing devices using Remove your CAC from devices when removable media you are not physically present Use the preview mode in your email viewer Report suspicious emails and/or Click on pop-up messages or unknown links activities to your Security Manager Store passwords on electronic devices or online THE CYBER WORLD IS DYNAMIC – YOU ARE WORKING IN A CYBER WAR ZONE. STAY ALERT FOR POLICY UPDATES. FOR MORE INFORMATION, CONTACT YOUR SECURITY MANAGER .