Mobile devices allow workers, including government employees, to work in multiple locations and to improve their efficiency. But the same features that make these devices desirable make them a security challenge.
Mobile devices can easily be lost or stolen, and users may be tempted to download nonsecure apps that might conceal "malware" that could be used to steal confidential data. Since security is minimal for mobile devices, a thief can retrieve sensitive data directly from the device, or use the phone or tablet to access an organization's computer network remotely.
The revised guidelines recommend using a software technology that centralizes device management at the organization level to secure both agency-issued and personally owned devices that are used for government business. Centralized programs manage the configuration and security of mobile devices and provide secure access to an organization's computer network. They are typically used to manage the smart phones that many agencies issue to staff. The new NIST guidelines offer recommendations for selecting, implementing, and using centralized management technologies for securing mobile devices.
"Mobile devices need to support multiple security objectives: confidentiality, integrity and availability, so they need to be secured against a variety of threats," explains co-author and NIST guest researcher Karen Scarfone. This publication provides specific recommendations for securing mobile devices and is intended to supplement federal government security controls specified in NIST's fundamental IT security document, Recommended Security Controls for Federal Information Systems and Organizations (Special Publication 800-53).
The draft guidelines also recommend developing system threat models for mobile devices and those resources accessed through them, instituting a mobile device security policy, implementing and testing a prototype of the mobile device solution before putting it into production, securing each organization-issued mobile device before allowing a user to access it, and maintaining mobile device security regularly.
Originally published as Guidelines on Cell Phone and PDA Security, the revision has been updated for today's technology. The guidelines do not cover laptops because the security controls available for laptops today are quite different than those available for smart phones and tablets. Basic cell phones are not covered because of the limited security options available and threats they face.
NIST requests comments on Guidelines for Managing and Securing Mobile Devices in the Enterprise (SP 800-124 Revision 1). The document can be found at http://csrc.nist.gov/publications/drafts/800-124r1/draft_sp800-124-rev1.pdf. Comments should be sent to firstname.lastname@example.org by Friday, Aug. 17, 2012, with the subject "SP 800-124 Comments."
Evelyn Brown | EurekAlert!
Terahertz spectroscopy goes nano
20.10.2017 | Brown University
New software speeds origami structure designs
12.10.2017 | Georgia Institute of Technology
University of Maryland researchers contribute to historic detection of gravitational waves and light created by event
On August 17, 2017, at 12:41:04 UTC, scientists made the first direct observation of a merger between two neutron stars--the dense, collapsed cores that remain...
Seven new papers describe the first-ever detection of light from a gravitational wave source. The event, caused by two neutron stars colliding and merging together, was dubbed GW170817 because it sent ripples through space-time that reached Earth on 2017 August 17. Around the world, hundreds of excited astronomers mobilized quickly and were able to observe the event using numerous telescopes, providing a wealth of new data.
Previous detections of gravitational waves have all involved the merger of two black holes, a feat that won the 2017 Nobel Prize in Physics earlier this month....
Material defects in end products can quickly result in failures in many areas of industry, and have a massive impact on the safe use of their products. This is why, in the field of quality assurance, intelligent, nondestructive sensor systems play a key role. They allow testing components and parts in a rapid and cost-efficient manner without destroying the actual product or changing its surface. Experts from the Fraunhofer IZFP in Saarbrücken will be presenting two exhibits at the Blechexpo in Stuttgart from 7–10 November 2017 that allow fast, reliable, and automated characterization of materials and detection of defects (Hall 5, Booth 5306).
When quality testing uses time-consuming destructive test methods, it can result in enormous costs due to damaging or destroying the products. And given that...
Using a new cooling technique MPQ scientists succeed at observing collisions in a dense beam of cold and slow dipolar molecules.
How do chemical reactions proceed at extremely low temperatures? The answer requires the investigation of molecular samples that are cold, dense, and slow at...
Scientists from the Max Planck Institute of Quantum Optics, using high precision laser spectroscopy of atomic hydrogen, confirm the surprisingly small value of the proton radius determined from muonic hydrogen.
It was one of the breakthroughs of the year 2010: Laser spectroscopy of muonic hydrogen resulted in a value for the proton charge radius that was significantly...
17.10.2017 | Event News
10.10.2017 | Event News
10.10.2017 | Event News
20.10.2017 | Information Technology
20.10.2017 | Materials Sciences
20.10.2017 | Interdisciplinary Research