Safeguarding Hardware Devices and Data (DDN2-A46)

Safeguarding Hardware Devices and Data

Have you ever left your laptop or phone unattended in a public place? You may have thought nothing of it, figuring that your device was safe enough. But you're playing with fire. And although your actions might seem harmless, when it comes to cyber security, they can have serious consequences.

Let's explore why safeguarding your hardware devices is important and examine ways to prevent potential cyber attacks.

Physical access means potential compromise

Should someone gain physical access to your laptop or mobile device, even for a short amount of time, they could not only read your messages and access, edit and steal your documents and information, they could also install malware and compromise your accounts. Believe it or not, it could happen with a simple action like plugging in a USB drive, running a script, or getting malware from a malicious website. Bad actors can also impersonate you by sending messages from your account. Think of it this way: you safeguard your privacy by protecting your devices against theft.

Let's take a closer look at the impact of poor cyber security practices on you and your organization.

Transcript

Tips for safeguarding your hardware devices

• When you're not using your mobile phone or laptop, make sure to store it in a secure location like a locked room, drawer or cabinet. Don't leave your devices unattended in your car or in a public place, like Abbas did. At the office, keeping your devices safe may involve measures like locking your laptop when you step away from your desk. In government offices and businesses, locked doors, ID card scanners, access cards, CCTV cameras and the presence of security officers all serve to protect hardware.
• Instead of using hard drive storage, use only corporate information management (IM) systems. These systems reduce the risk of data loss due to hardware failures, theft or accidental deletions. They come with built-in security features such as encryption and access controls, ensuring the protection of sensitive information. What's more, IM systems provide real-time communication and access, allowing for easy collaboration among team members regardless of their location.
• Don't travel with your GC work devices outside of Canada. Mobile devices, like all government devices, are issued for work purposes and are Protected B assets that hold sensitive data and provide access to government systems. The Policy on Service and Digital allows for limited personal use in Canada. However, government mobile devices should only be taken outside Canada in cases of approved business-related travel. More guidance specific to travel is available here.

Other measures that may be put in place by your organization's IT or security team:

• Encrypting devices, especially mobile ones like USB drives and laptops, for added security. Encryption is the process of converting information from one form to another to hide its content and prevent unauthorized access. It encodes (or scrambles) information to protect its confidentiality. Think of it as an extra layer of protection for the sensitive data stored on your device. With encryption, no one can access your data or programs without having your credentials. Your department already uses encryption for many applications, including encrypted messaging applications and secure browsing.
• Implementing Multi-Factor Authentication (MFA) for lock-screens. Locking your screen with MFA involves two elements: locking with something you know (a password, PIN or pattern), combined with something you have (fingerprint or a unique code generated by an authenticator app). The combination of a password or pin code and a thumbprint is a good way to protect your device from threat actors.
• Using a device finder, which is an application or tool designed to locate misplaced, stolen or lost devices. Such tools use GPS, Wi-Fi or Bluetooth technologies to pinpoint the exact or very near location of a device. For government work devices, it's put in place and managed by your IT team, who are there to help should you ever need to locate your work device.
• Ensuring devices have a remote wipe feature. Remote wipe is a security feature that remotely erases the data stored on mobile devices. In the government context, the process is initiated by your departmental IT team. The remote wipe feature protects data from being compromised or stolen if the device falls into the wrong hands. It's also a good idea to have data backup measures in place to prevent data loss.

By following these tips, you can safeguard your devices and data from cyber threats. Take the course Discover Cyber Security (DDN235) to learn more. And stay cyber alert!

Resources

• Course | Discover Cyber Security (DDN235)
• Course | Cyber Security in the GC and Online Exposure (DDN233)
• Course | Privacy in the Government of Canada (COR504)
• Course | Access to Information and Privacy Fundamentals (COR502)
• Article | Level Up Your Cyber Security Skills: Stay Ahead of Evolving Threats (DDN2-A19)
• Article | Cyber Security Tips to Protect Yourself (DDN2-A06)
• Video series: Discover Cyber Security