Page 23 - FCW, September 15, 2016
P. 23

Mobility SponSored report
Mobility Surge Raises
The conversation around mobility and mobile security has taken on a new sense of urgency in the federal IT community.
Defining the Mobile ecosysteM
in its request for information, Dhs and Gsa ask mobility manufacturers and service-providers to identify how their products/services/solutions address three primary mobile enterprise threats:
exploitation of enterprise mobility management/mobile Device management systems or obtaining administrator credentials
exploitation of private enterprise mobile application stores by obtaining administrator credentials
exploitation of private enterprise mobile application stores by subverting application security vetting procedures
The RFi also looks at threats to the larger mobile ecosystem. in addition to mobile enterprise threats, the RFi looks at four other areas:
application-based threats (e.g., apps that gather sensitive information)
operating system/firmware/software threats (e.g., exploitation of the os or lower-level device components)
Physical threats (e.g., lost or stolen devices)
network-based threats (e.g., collection or manipulation of voice and data communications to and from a device)
Security Stakes
Until recently, federal agencies
saw mobile technology as a promising tool primarily for improving the productivity of employees whose work often takes them on the road—
the so-called mobile warriors. Today, agencies recognize the federal workforce has become a mobile workforce,
with employees expecting access to information and services at any time, from anywhere, using any device.
Agencies are responding. For example, the demand for wireless technology is surging across government. Earlier this year, the General Services Administration reported the federal government’s use of wireless blanket purchase agreements increased by 500 percent in fiscal 2015.
In August, the Office of Management and Budget directed agencies to streamline mobile solution procurement so they can realize better cost-savings and related efficiencies. OMB also told agencies to begin reporting data on mobile service usage and pricing to a centrally managed system on a quarterly basis to help eliminate unnecessary
inventory and services.
Now the question is whether agencies
attributes of mobile devices.” One of the primary concerns is
Game ChanGinG TeChnoloGy To meeT aGenCy missions
are putting in place the appropriate security measures. The Department of Homeland Security and GSA recently launched an initiative to scope out the mobile security threat landscape in
the federal government. The initiative, mandated by the Cybersecurity Act of 2015, includes a request for information, published in July, and two industry
the continued presence of “shadow” mobile IT—that is, unauthorized mobile solutions being used to access government networks. Industry surveys have confirmed what agencies have long suspected: Employees are using their personal devices to access e-mail and other services. If these devices aren’t equipped with adequate security measures, they’ re putting government networks at risk.
days, which will involve subject matter experts from leading mobile manufacturers and service providers.
Federal IT managers understand mobile devices, whether government- or employee-owned, are often used for dual purposes, with authorization or without. The best course is to ensure the necessary safeguards are in place. In short, agencies need to see mobile security not as something that inhibits productivity, but as a facilitator.
“Mobile devices and the broader mobile ecosystem share many of the same security threats associated with traditional desktop and
laptop computers,” the RFI states. “Additionally, the impact of many of these threats can be magnified—and new threats are introduced—by the unique

   21   22   23   24   25