3.7 Bluetooth Policy

00:01

Welcome back to I t. Security policy here on side Berry.

00:05

This is still part of Module three, The Bluetooth policy with myself. Troy Lemaire here on Cyber Eri

00:12

Learning objective of this module will be version pins and pairing

00:16

the vice security settings, security audits, unauthorized use and user responsibilities in regards to Bluetooth.

00:27

So if we look at this policy, it's another Sands baseline template

00:32

overview.

00:33

There's the Bluetooth enabled device or exploding on the Internet and astonishing rate

00:38

and secure Bluetooth connections can interest number of potential serious, serious security issues.

00:44

The purpose of policy provided minimum baseline standard for connecting Bluetooth enabled devices

00:49

to the company's network, our company's own devices

00:52

and the intent of the minimum standards to ensure sufficient protection of P I. I. And if you would also have pH I or anything else that you would have within your organization?

01:03

No. But the policy. It applies to any Bluetooth enabled device that is connected to the company network. Our own devices.

01:11

If we take a look at the policy itself

01:14

version is the first part. No Bluetooth shall be deployed that does not meet a minimum of Bluetooth version 2.1 now this policy is owed. You would want to go with whatever the latest standard that you would want to use within your organization, and this would be need to look at on an annual basis. Probably. Just make sure

01:30

that there's nothing else out there that has been updated in the specifications.

01:36

We moved two pins impairing. Whenever you pair a device, you want to make sure that you're not in a public area where the pin could be compromised.

01:44

And if it asked you to enter your pin after you have initially paired, you must refuse The parent quest reported to info Sect through your help desk.

01:52

Vice Security settings. All blue two devices shall employ security mode three, which in Kurt's traffic in both directions between your Bluetooth device and it's paired equipment.

02:00

Using a minute, use a minimum pin length of eight longer. Pit pin provides more security,

02:07

which the Bluetooth device to hidden mode

02:09

only activated Bluetooth whenever it is needed and ensure device firm where is up to date.

02:15

These are all things that you would want to look at in this device. Security settings to be able to change or modify as the environment changes

02:24

security audits that info SEC team may perform random, modest in short compliancy

02:30

unauthorized, unauthorized use. The following is a list of unauthorized uses of own Bluetooth devices. You can't use it for eavesdropping or spoofing.

02:38

Can't use own Bluetooth equipment on non on Bluetooth enabled vices

02:44

and unauthorized modification. Bluetooth devices for any purpose.

02:49

We look at youse responsibilities. Bluetooth user responsibility to comply with this policy. Blue to move must be turned off when not in use.

02:57

Confidential sensitive data must be transmitted or stored on Bluetooth or must not be transmitted. Are stored on Bluetooth enabled devices

03:04

due to the users. May Onley access information using approved Bluetooth device hardware, software and solutions.

03:12

The Hardware software solution connection that did not meet the standards shall not be authorized for deployment,

03:17

and Bluetooth user must act appropriately. Protect information.

03:22

Bluetooth use are required to report any misuse,

03:24

loss or theft

03:25

to the Info SEC team.

03:34

So in summary, today's brief lecture We discussed the Bluetooth policy.

03:37

URGENT pins and pairings. The by security settings.

03:42

You're the audience,

03:43

unauthorized use and user responsibilities.

03:50

First, a recap question When pairing your Bluetooth unit to your Bluetooth enabled equipment ensure that you are not in a blank area where your pin can be compromised

04:00

and that would be in a public area.

04:04

Next recap. Question Bluetooth mode must be blank blank when not in use

04:13

that would be turned off when not in used.

04:17

So in the next lecture, we're gonna actually move on to another module with server policies. I look forward to you coming back enjoying us for that section and those modules.

04:28

As always, you need have any questions or need clarification. Message Marie at Troy Lemaire on the cyber Eri

04:34

message for him