Building a Digital Defense with Communications

The FBI’s Portland, Oregon office has published an advisory discussing best practices for communications, such as with personal and official email, messaging apps, and social media. As the advisory notes, users should be aware of the potential dangers of cyber attacks through these various channels and of the need to opt for secure methods of communication to reduce the likelihood of intrusion. The advisory groups best practices into encryption, message retention, and access. For the first, it observes there are numerous ways to implement encryption, a step that makes it difficult for an attacker to use information even if they get access to it. It recommends looking for trusted vendors of encrypted communications services for texts, emails, and voice communications. In terms of retention, it suggests disabling the “archive” and “save old messages” features on communications devices and applications, what it calls the “electronic equivalent of shredding documents.” Finally, for access, it advises only granting access to your systems for devices that have a bona fide need to connect. It discusses the methods of “white lists” and “black lists” for managing access. Read the advisory at the FBI.