This Sunday, December 10th, 2017 marks the 69th anniversary of the United Nation's Human Rights Day and kicks off a year of commemorations, looking back to recognize the sacrifices of those who have led the way to the freedoms and rights people now enjoy around the world. Those who protested, picketed, marched and stood in line for days to vote. Those who litigated and negotiated. And those who were persecuted, imprisoned and killed.
Against the backdrop of contemporary American life, it’s easy to put the stories of the passionate few who picked up the charge and fought for change out of mind. So today we reflect on the victories and the victors. To celebrate those who fought for rights and freedoms that wouldn’t be realized until long after their lives had been recorded in history books. Caveats for the work that still needs to be done aside, these achievements make us all better off and the world a more hospitable place.
As a company, it is our mission to help our customers secure their most valued information from seizure by unwarranted third parties and protect their privacy. We are proud to play even a tiny part in protecting the freedoms, rights and liberties that others have given so much to achieve.
Somewhere in the fast-paced world of our digital lives has entered the notion that there is a sacrifice of privacy, security and freedom of movement, even self-identity to participate in the advancements of technology. We strongly dismiss that assumption. Sure, there will be forces that will take what we have not offered in terms of our personal and professional information – including our own government - but to simply give it away because it seems an uphill battle is to dishonor the people who fought so hard to gain these liberties in the first place.
Please, join us on this Human Rights Day in making a personal pledge to be mindful of your digital world. Watch out for obvious encroachments. And follow today’s best practices in keeping yourself and your information secure.
In addition to considering the Privoro SafeCase to protect against the loss of proximity data, best practices to consider include:
- Define the security context/goals for the phone and apply the commonly used framework of confidentiality, integrity and availability for its functions and data.
- Leverage full disk encryption provided by device manufacturers in combination with policies for strong passwords, short cycle auto-locks and device wipes after limited number of incorrect entries.
- For data in motion such as calling and texting/messaging: Leverage 3rdparty, open source, independently reviewed and vetted encrypted messaging apps such as Signal.
- For policy enforcement and scalable device management: Use mobile device management software.
- Create separate containers/environments in smartphones for work and personal use-by implementing an operating system that allows it.
- Use mobile threat management software to detect known (and in some, limited cases, unknown) mobile attacks, jailbreak detection, etc.
- Keep the device OS updated/patched.
- If developing custom, corporate apps: Verify and secure the development platform, apply secure coding best practices and ensure a plan and resources exists to keep apps updated on a timely basis.
- Use multi-factor authentication to increase access security to corporate resources.
- Use burner phones for international travel and/or take the phone off-grid (Faraday cage) while transiting high threat, choke point areas such as airports or while visiting confidential locations (e.g., M&A site visits, customer/partner meetings, etc.).
Secure smartphone sensors – microphones, cameras, and RF signals – when not in use or needed. Securing sensors prevents surveillance and the leakage of sensitive information, even if the phone has been compromised by legitimate or illegitimate sources.