U.S. Gov't Takes Up Mobile ChallengeArmy, NSA Figuring Out How to Secure Smartphones
Smartphones and their e-tablet cousins present a slew of security risks, serious ones that could compromise sensitive and classified information. That's a big challenge that must be taken seriously, but one that can be addressed, as these two Defense Department organizations are doing.
The Army isn't going to permit just any smartphone, but an Android version it's reengineering to store classified documents and not transmit data over a cell network, according to a CNN report: "Rather than building special handsets hardwired with secure components, the government plans to install its software on commercially available phones. ... This approach is far less expensive and allows the government to stay up to date with the latest phones on the market."
It's encouraging that the Army and National Security Agency have decided not to reject mobile technologies because of the serious vulnerabilities they pose but to figure out how best to limit or eliminate those risks
Why Android? Google lets people putter with its its code, Apple doesn't.
What type of problem worries those trying to secure mobile devices? Apps that seek more information than needed to function. For instance, a time or a weather app could employ GPS that identifies a user's location. "If a clock application gets your GPS and transmits something over the network, that's not something that we would want to support," Angelos Stavrou, an information-security director at George Mason University, who's working on the government smartphone project, tells the news network.
The NSA is developing security requirements and conducting pilots with commercial devices to gather data on performance and usability, according to published reports. The findings will be shared with the tech industry in the development of mobile products the military and intelligence services can use.
The demand to use mobile devices emanates from the ranks of these organizations. "People desire to use their consumer devices to access their corporate networks," Troy Lange, NSA's mobility mission manager, tells InformationWeek. "This is about bringing efficiencies and capabilities that people are used to in their everyday lives and extending that to our national security mission."
The outcome of these Army and NSA projects will have a big impact throughout government, and the private sector as well. It's encouraging that the Army and NSA have decided not to reject mobile technologies because of the serious vulnerabilities they pose but to figure out how best to limit or eliminate those risks.