This post is also available in: עברית (Hebrew)
The US Department of Homeland Security (DHS) has submitted a report to Congress that details current and emerging threats to the Federal government’s use of mobile system and devices and recommends security improvements within the mobile device ecosystem.
The report, led by the research of the DHS Science and Technology Directorate (S&T), was written in cooperation with the National Institute of Standards and Technology and its National Cybersecurity Center of Excellence.
“The Study on Mobile Device Security has found that threats to the mobile device ecosystem are growing, but also that the security of mobile computing is improving,” said Dr. Robert Griffin, Under Secretary for Science and Technology. “It outlines several important recommendations to strengthen security that will help the Federal government keep pace with current and emerging threats.”
Along with S&T, several DHS other players contributed to the mobile device security study, among them the National Protection and Programs Directorate (NPPD) and the NPPD United States Computer Emergency Readiness Team (US-CERT).
According to newswise.com, the improvement in security can be attributed to significant safeguards implemented by mobile operating system vendors and Federal departments and agencies implementing enterprise mobility management systems to manage their mobile devices and applications. Meanwhile, the areas that need improvement will provide the opportunity for the Federal government, industry and the research community to work together to solve the gaps in mobile device defenses. The study also found that the threats to the Federal government’s use of mobile devices exist across all elements of the mobile ecosystem.
Threats to mobile devices range from those perpetrated by nation-states, organized crime or hackers to loss or theft of mobile phones. Additionally, threats that target consumers — such as social engineering, ransomware, banking fraud, eavesdropping, identity theft, and theft of services or sensitive data — also impact Federal government users, according to the study.
Further, Federal government mobile device users may be targeted with additional threats simply because they are public-sector employees.
The study, which also drew support from the Department of Defense and General Services Administration, presents a series of recommendations to enhance Federal government mobile device security. Key recommendations include Adoption of a framework for mobile device security based on existing standards and best practices and resuming the DHS S&T applied research program in Mobile Application Security to enable the secure use of mobile applications for government use.
It’s important to keep in mind that DHS has a responsibility to not only secure the means of communication used by departments and agencies, but to safeguard the nation against emerging threats in both the physical and cyber domains. Mobile technology is essential to the United States not just for government use, but also for the security and integrity of communications for businesses and citizens.