FBI Portland
Portland Media Office
(503) 460-8060
March 17, 2020

Oregon FBI Tech Tuesday: Building a Digital Defense with Mobile Apps

The FBI has launched the “Protected Voices” initiative to help 2020 political campaigns and American voters protect against online foreign influence operations and cyber security threats. The Protected Voices campaign includes information and guidance from the FBI, the Department of Homeland Security, and the Office of the Director of National Intelligence.

This FBI Portland Tech Tuesday report is adapted from the Protected Voices initiative with a focus on providing cyber security information to political campaigns as well as businesses and individuals in Oregon. More information on all aspects of the initiative, including video downloads, can be found at www.FBI.gov/ProtectedVoices.

Welcome to the Oregon FBI’s Tech Tuesday segment. This week: building a digital defense with mobile apps. Last week we talked about browser security, but you should know that mobile application security is every bit as important.

There is a seemingly endless supply of apps available for your devices. Gaming, banking, messaging, and more. Everyone has an app that is supposed to make your life better. But what happens when someone brings a vulnerable app onto your network?

Ideally, you should only allow devices issued by your organization to connect to your network. Your business or campaign should come up with a list of popular, approved apps from reputable publishers that can be installed on devices connected to your network.

If the app is performing a service, like banking or shopping, only allow the specific app designated by the service provider (such as the specific bank or store). If the app isn’t on your approval list, then it shouldn’t be installed on a device linked to your network. Don’t let mobile apps access any information on your device unless it’s absolutely critical to the functionality of the app.

If your organization does allow personal devices to connect to the office network, make sure those devices are virtual private networks, or VPNs. You should routinely check any personal or office-owned device connected to your networks for strange behavior, such as odd call or data usage.

As with browsers, it is very important that you keep your apps updated. Also, make sure the apps are owned by reputable companies, preferably in the U.S. Other countries may have different laws about what app companies must provide to foreign governments, which means your information on a foreign-owned app may have less legal protection than it would in the U.S.

These tips won’t protect you against every kind of cyber attack, but they will make you a less attractive target for attackers.

Remember your voice matters, so protect it. Go to www.FBI.gov/ProtectedVoices for more information.