

Managing mobility: Securing mission-critical mobile devices, data

Moving to a digital government with mobile technology is helping agencies enhance their mission, but they could also be putting their mission at risk.

Overview

Mobile has become the foundation of any successful business, but it also poses several challenges, especially in government. With sensitive data at risk, federal agencies must address mobile security early and often to deliver public service for the future.

Much of the focus until now has been on securing mobile applications, leaving business and mission-critical mobile devices and data open to malicious attacks. The challenge now is for government agencies to look beyond only bringing government-grade security to applications. Agencies must bring government-grade security to the entire software stack on mobile devices—protecting the data and the device itself.

In this report, we explore a number of security solutions for enterprise mobility for federal agencies.

Background

Many federal agencies have turned to mobile device management (MDM), mobile application management (MAM) and secure application container solutions to protect federal data and devices, but these solutions only go so far. MDMs, MAMs and application containers present substantial residual risk for malware and device integrity attacks, as well as denial of service due to resource starvation.

How are CIOs Thinking About Mobile Security?

Analysis

Federal agencies have a number of options when considering security solutions for enterprise mobility:

Mobile virtualization. The threat posed by blending enterprise and personal data can be largely eliminated by virtualization. With mobile virtualization, mobile phones can support several operating systems on the same hardware. Virtualization can be applied in three ways:

  • Application-level virtualization. The advantage of this approach lies in simple deployment through an application store while enabling isolation of personal and enterprise data.

  • System-level virtualization. This type of virtualization protects the platform by providing greater protection from malicious and root attacks.

  • Hybrid approach. The combination of a type-1 and type-2 hypervisor enables reloading of modules in kernels and offers shorter deployment paths compared to system-level approaches.

Trusted Platform Module Mobiles are security components that meet the Trusted Computing Group specifications for use in mobile devices. One example of such a module is:

  • GlobalPlatform™ Trusted Execution Environment, which defines a standards-based isolation environment for a mobile device’s processor chip, and enables sensitive data to be processed outside of the main operating environment, in isolated system memory.

Recommendations

Applications for mobile devices can range from secure mobile voice and video for mission-critical work to business-critical citizen services, but not just any mobile device will do. Effectively delivering public service for the future means ensuring the device you are using is secure. Taking the necessary steps to secure your enterprise data on devices by considering all your options could mean the difference between an enhanced mission and a mission that is at risk.
