Page 24 - FCW, September 15, 2016
P. 24

Mobility SponSored report
Game ChanGinG TeChnoloGy To meeT aGenCy missions
DHS, NIST Lead Way on Mobile Security
the Department of Homeland Security (DHS) and the National Institute of Standards and Technology (NIST) both have multiple efforts underway to strengthen mobile security. Among other issues, DHS is focused on mobile application security. As part of a five-year cybersecurity broad agency announcement, DHS
is looking for industry experts to develop new tools to assist mobile app developers, analysts and security or network operators.
for first responders. This effort is aimed at maintaining secure access to critical resources without obstructing information-sharing among the various first responders on a scene.
One area of interest is continuous validation and threat protection for mobile applications. “This entails developing the capability to anticipate and, if needed, react to future threats and vulnerabilities while continuously monitoring a mobile device’s security posture,” the BAA states. Another focus area is integrating security throughout the mobile application lifecycle, which includes developing
size Up Mobility Risks
People understand the security risks that come with mobility, according to a recent study conducted by the Ponemon institute. The survey, which covered nearly 600 iT and security executives in the private and public sectors, found mobile users understand the risks and believe the risks are growing.
here are some key data points:
83% say mobile devices are susceptible to hacking
a security framework for mobile application development.
believe poor mobile security has likely resulted in a data breach
say their organization is “vigilant” in protecting sensitive data from unauthorized access
say their organization specifies what data can be stored on a personal device
Separately, DHS is working with Northrop Grumman on a biometric
solution intended to eliminate the need for passwords on mobile devices. The project will combine behavioral sensing and modeling techniques to authenticate user identities.
in order to access public safety data is critical to ensuring that first responders can deliver proper care and support during an emergency.”
Meanwhile, NIST’s National Cybersecurity Center of Excellence is working on standards designed to streamline mobile authentication
The goal is to make it possible for all applications in a given environment to recognize an identity accepted by one of them, providing single sign-on functionality.
Source: Ponemon Institute
Many public safety agencies are investing in multi-factor authentication systems as a way to control access to sensitive information. However, this can be a problem if first-responders need to access multiple systems while on the scene, with each requiring multi- factor authentication.
“When responding to an emergency, public safety personnel require on- demand access to data,” the NIST project description states. “The ability to quickly and securely authenticate

   22   23   24   25   26