If you are having trouble accessing this website or parts of it, please call 1-800-832-0034 or email [email protected] and we will provide you with assistance.
 

BLOG

Resources for Educators
& Professionals

 

How Instructors Can Teach Mobile Cybersecurity

by  Dr. Gene Lloyd     Oct 17, 2025
cellphone cybersecurity

One of the most highly needed capabilities in cybersecurity today is the need for mobile security when traveling away from a normally secure operating location. We often teach students how to manage and secure networks, while letting the security needs of the traveling employees fall through the cracks. Many network security incidents have occurred due to the equipment and software used by these traveling employees and the insecure networks they sometimes need to use. This is compounded by nation-state intelligence operations when traveling in certain foreign countries that look to siphon up any data they can from foreigners. It would be wise for cybersecurity professors to include content in their courses that covers this particular area, as it is becoming even more common in business today. A good place to start is with secure communications.

The Role and Limitations of VPNs 

Most people would immediately think of using a virtual private network (VPN) when considering securing a remote connection, and they would be choosing a solid solution for an encrypted connection. Professors should explain to students the nuances of how VPNs can be used and the situations where they are most effective. A VPN connection established between a laptop and the home network provides a high degree of security, but the other, more popular variations of VPNs available today only provide a measure of privacy. Privacy-based VPN services only move the potential for eavesdropping to a different location, and because these services typically require payment via a credit card, it is easy for a service provider employee to track a person’s web activity.

The ability to monitor a user’s web traffic is a common lesson in any computer science program. Professors already do a great job teaching students how to monitor traffic, and, because this monitoring can be conducted from any device along the communication path, students should already be cognizant of the fact that encrypting communication on one portion of the internet does not negate the possibility of it being monitored on other portions of the internet. A privacy-based VPN simply does not provide the measure of end-to-end privacy necessary for completely secure communications. Professors should be teaching that individuals who need this level of privacy could utilize non-persistent operating systems designed to provide a high degree of anonymity.

Choosing Privacy-Based Operating Systems 

A more effective option for a greater degree of security would be to use a customized privacy-based operating system that can be booted from a USB drive or run from inside a virtualized environment. Professors can show that these operating systems establish anonymous internet connections through multiple VPNs that are part of The Onion Router (TOR) network without requiring any form of payment or login credentials. They also operate completely out of system memory, leaving no trace of activity on the host system after the session is powered off. This, of course, is not a completely perfect solution, as one does not know the location and operator of the various TOR VPNs, but it would be very difficult to trace activity to a specific person using these methods. Another capability students can be trained to provide is secure file storage on mobile devices.

Many people travel with USB drives to transport files between locations, and sometimes these files are sensitive enough that they require a higher degree of security. Professors should teach their students how to configure file encryption capabilities that can maintain the privacy of sensitive files. Creating an encrypted volume on a USB drive with a tool such as VeraCrypt will provide an encrypted vault where any sensitive files can be safely stored. One of VeraCrypt’s strengths is that it fills the entire volume with random data, which provides the added ability to nest a secondary hidden container inside a primary container. These nested containers are virtually impossible to detect and allow for plausible deniability if someone forces the user to decrypt the container. In these rare situations, one could provide access to some files while keeping the more sensitive files in an encrypted state. The ability to secure data in this way has not always been available to the general public, but it is a capability anyone can use today when important files need to be protected.

Layered Security and the Importance of Cryptography 

The key to good network security is to establish enough layers of protection that nefarious actors will have difficulty successfully running an operation. The same is true in mobile security, with the added concern that physical security is more difficult to control. If cybersecurity students understand the power of cryptography in communications and data at rest, they can apply cryptographic capabilities in a variety of ways to provide a high degree of protection for remote workers and those working remotely. And these same cryptographic methods can also be applied to voice communications.

Encrypted Voice Communications 

Applications like Signal include the ability to establish encrypted phone calls between two parties. These are free applications that can be installed on any smartphone and allow sensitive information to be passed over voice calls. This is a less-used capability of the Signal application. Cybersecurity students and professors are aware of the various encrypted messaging platforms, but few take the time to utilize this very valuable feature. It should be included in any course that covers cryptography or mobile security.

Training the Next Generation of Cybersecurity Professionals 

Every cybersecurity student needs to be trained in how to protect a static, unmovable network and on systems and devices that need to be operated in other locations. In today’s increasingly mobile environment, where many actions take place away from the traditional office, data and communications must continue to be protected. Average users are not always aware of the potential cybersecurity dangers, and so, we must train the new batch of cybersecurity professionals to extend protection to all aspects of digital capabilities. This is the way we maintain security now and into the future.

Stay Connected

Categories

Clear

Search Blogs

Featured Posts

How Instructors Can Teach Mobile Cybersecurity

by  Dr. Gene Lloyd     Oct 17, 2025
cellphone cybersecurity

One of the most highly needed capabilities in cybersecurity today is the need for mobile security when traveling away from a normally secure operating location. We often teach students how to manage and secure networks, while letting the security needs of the traveling employees fall through the cracks. Many network security incidents have occurred due to the equipment and software used by these traveling employees and the insecure networks they sometimes need to use. This is compounded by nation-state intelligence operations when traveling in certain foreign countries that look to siphon up any data they can from foreigners. It would be wise for cybersecurity professors to include content in their courses that covers this particular area, as it is becoming even more common in business today. A good place to start is with secure communications.

The Role and Limitations of VPNs 

Most people would immediately think of using a virtual private network (VPN) when considering securing a remote connection, and they would be choosing a solid solution for an encrypted connection. Professors should explain to students the nuances of how VPNs can be used and the situations where they are most effective. A VPN connection established between a laptop and the home network provides a high degree of security, but the other, more popular variations of VPNs available today only provide a measure of privacy. Privacy-based VPN services only move the potential for eavesdropping to a different location, and because these services typically require payment via a credit card, it is easy for a service provider employee to track a person’s web activity.

The ability to monitor a user’s web traffic is a common lesson in any computer science program. Professors already do a great job teaching students how to monitor traffic, and, because this monitoring can be conducted from any device along the communication path, students should already be cognizant of the fact that encrypting communication on one portion of the internet does not negate the possibility of it being monitored on other portions of the internet. A privacy-based VPN simply does not provide the measure of end-to-end privacy necessary for completely secure communications. Professors should be teaching that individuals who need this level of privacy could utilize non-persistent operating systems designed to provide a high degree of anonymity.

Choosing Privacy-Based Operating Systems 

A more effective option for a greater degree of security would be to use a customized privacy-based operating system that can be booted from a USB drive or run from inside a virtualized environment. Professors can show that these operating systems establish anonymous internet connections through multiple VPNs that are part of The Onion Router (TOR) network without requiring any form of payment or login credentials. They also operate completely out of system memory, leaving no trace of activity on the host system after the session is powered off. This, of course, is not a completely perfect solution, as one does not know the location and operator of the various TOR VPNs, but it would be very difficult to trace activity to a specific person using these methods. Another capability students can be trained to provide is secure file storage on mobile devices.

Many people travel with USB drives to transport files between locations, and sometimes these files are sensitive enough that they require a higher degree of security. Professors should teach their students how to configure file encryption capabilities that can maintain the privacy of sensitive files. Creating an encrypted volume on a USB drive with a tool such as VeraCrypt will provide an encrypted vault where any sensitive files can be safely stored. One of VeraCrypt’s strengths is that it fills the entire volume with random data, which provides the added ability to nest a secondary hidden container inside a primary container. These nested containers are virtually impossible to detect and allow for plausible deniability if someone forces the user to decrypt the container. In these rare situations, one could provide access to some files while keeping the more sensitive files in an encrypted state. The ability to secure data in this way has not always been available to the general public, but it is a capability anyone can use today when important files need to be protected.

Layered Security and the Importance of Cryptography 

The key to good network security is to establish enough layers of protection that nefarious actors will have difficulty successfully running an operation. The same is true in mobile security, with the added concern that physical security is more difficult to control. If cybersecurity students understand the power of cryptography in communications and data at rest, they can apply cryptographic capabilities in a variety of ways to provide a high degree of protection for remote workers and those working remotely. And these same cryptographic methods can also be applied to voice communications.

Encrypted Voice Communications 

Applications like Signal include the ability to establish encrypted phone calls between two parties. These are free applications that can be installed on any smartphone and allow sensitive information to be passed over voice calls. This is a less-used capability of the Signal application. Cybersecurity students and professors are aware of the various encrypted messaging platforms, but few take the time to utilize this very valuable feature. It should be included in any course that covers cryptography or mobile security.

Training the Next Generation of Cybersecurity Professionals 

Every cybersecurity student needs to be trained in how to protect a static, unmovable network and on systems and devices that need to be operated in other locations. In today’s increasingly mobile environment, where many actions take place away from the traditional office, data and communications must continue to be protected. Average users are not always aware of the potential cybersecurity dangers, and so, we must train the new batch of cybersecurity professionals to extend protection to all aspects of digital capabilities. This is the way we maintain security now and into the future.

Tags

Clear