The National Institute of Standards (NIST) have released revised guides providing advice for protecting the wide variety of private and mobile devices from threats. Together with the preponderance of dangerous malware on the Web, the vulnerability of wireless transmissions from mobile devices has created dramatic new security challenges. READ MORE
"In terms of remote access security, everything has changed in the last few years. Many Web sites plant malware and spyware onto computers, and most networks used for remote access contain threats but aren't secured against them," says Karen Scarfone of NIST's Computer Security Division. "However, even if teleworkers are using unsecured networks, the guide shows the steps organizations can take to protect their data."
Among these steps is the recommendation that an organization's remote access servers--the computers that allow outside hosts to gain access to internal data--be located and configured in ways that protect the organization. Another is to ensure that all mobile and home-based devices used for telework be configured with security measures so that exchanged data will maintain its confidentiality and integrity. Above all, Scarfone says, an organization's policy should be to expect trouble and plan for it.
"You should assume external environments contain hostile threats," she says. "This is a real philosophy shift from several years ago, when the attitude was essentially that you could trust the home networks and public networks used for telework."
The new guide provides recommendations for organizations. DOWNLOAD
A companion publication* offers advice for individual users on securing their own mobile devices. DOWNLOAD
"In terms of remote access security, everything has changed in the last few years. Many Web sites plant malware and spyware onto computers, and most networks used for remote access contain threats but aren't secured against them," says Karen Scarfone of NIST's Computer Security Division. "However, even if teleworkers are using unsecured networks, the guide shows the steps organizations can take to protect their data."
Among these steps is the recommendation that an organization's remote access servers--the computers that allow outside hosts to gain access to internal data--be located and configured in ways that protect the organization. Another is to ensure that all mobile and home-based devices used for telework be configured with security measures so that exchanged data will maintain its confidentiality and integrity. Above all, Scarfone says, an organization's policy should be to expect trouble and plan for it.
"You should assume external environments contain hostile threats," she says. "This is a real philosophy shift from several years ago, when the attitude was essentially that you could trust the home networks and public networks used for telework."
The new guide provides recommendations for organizations. DOWNLOAD
A companion publication* offers advice for individual users on securing their own mobile devices. DOWNLOAD
