The Public Eye with Eric Chabrow

U.S. Gov't Takes Up Mobile Challenge

Army, NSA Figuring Out How to Secure Smartphones
U.S. Gov't Takes Up Mobile Challenge

Two of the American government's most IT-security sensitive organizations - the Army and National Security Agency - are looking for ways to employ smartphones to access selected IT systems.

Smartphones and their e-tablet cousins present a slew of security risks, serious ones that could compromise sensitive and classified information. That's a big challenge that must be taken seriously, but one that can be addressed, as these two Defense Department organizations are doing.

See Also: AI-Driven Strategies for Effective Cyber Incident Recovery

The Army isn't going to permit just any smartphone, but an Android version it's reengineering to store classified documents and not transmit data over a cell network, according to a CNN report: "Rather than building special handsets hardwired with secure components, the government plans to install its software on commercially available phones. ... This approach is far less expensive and allows the government to stay up to date with the latest phones on the market."

Why Android? Google lets people putter with its its code, Apple doesn't.

What type of problem worries those trying to secure mobile devices? Apps that seek more information than needed to function. For instance, a time or a weather app could employ GPS that identifies a user's location. "If a clock application gets your GPS and transmits something over the network, that's not something that we would want to support," Angelos Stavrou, an information-security director at George Mason University, who's working on the government smartphone project, tells the news network.

The NSA is developing security requirements and conducting pilots with commercial devices to gather data on performance and usability, according to published reports. The findings will be shared with the tech industry in the development of mobile products the military and intelligence services can use.

The demand to use mobile devices emanates from the ranks of these organizations. "People desire to use their consumer devices to access their corporate networks," Troy Lange, NSA's mobility mission manager, tells InformationWeek. "This is about bringing efficiencies and capabilities that people are used to in their everyday lives and extending that to our national security mission."

The outcome of these Army and NSA projects will have a big impact throughout government, and the private sector as well. It's encouraging that the Army and NSA have decided not to reject mobile technologies because of the serious vulnerabilities they pose but to figure out how best to limit or eliminate those risks.

About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.