Forum for Science, Industry and Business

Sponsored by:     3M 
Search our Site:

 

NIST updates guidelines for mobile device security

12.07.2012
The National Institute of Standards and Technology (NIST) has released a proposed update to its guidelines for securing mobile devices—such as smart phones and tablets—that are used by the federal government. NIST is asking for public comment on the draft document.

Mobile devices allow workers, including government employees, to work in multiple locations and to improve their efficiency. But the same features that make these devices desirable make them a security challenge.

Mobile devices can easily be lost or stolen, and users may be tempted to download nonsecure apps that might conceal "malware" that could be used to steal confidential data. Since security is minimal for mobile devices, a thief can retrieve sensitive data directly from the device, or use the phone or tablet to access an organization's computer network remotely.

The revised guidelines recommend using a software technology that centralizes device management at the organization level to secure both agency-issued and personally owned devices that are used for government business. Centralized programs manage the configuration and security of mobile devices and provide secure access to an organization's computer network. They are typically used to manage the smart phones that many agencies issue to staff. The new NIST guidelines offer recommendations for selecting, implementing, and using centralized management technologies for securing mobile devices.

"Mobile devices need to support multiple security objectives: confidentiality, integrity and availability, so they need to be secured against a variety of threats," explains co-author and NIST guest researcher Karen Scarfone. This publication provides specific recommendations for securing mobile devices and is intended to supplement federal government security controls specified in NIST's fundamental IT security document, Recommended Security Controls for Federal Information Systems and Organizations (Special Publication 800-53).

The draft guidelines also recommend developing system threat models for mobile devices and those resources accessed through them, instituting a mobile device security policy, implementing and testing a prototype of the mobile device solution before putting it into production, securing each organization-issued mobile device before allowing a user to access it, and maintaining mobile device security regularly.

Originally published as Guidelines on Cell Phone and PDA Security, the revision has been updated for today's technology. The guidelines do not cover laptops because the security controls available for laptops today are quite different than those available for smart phones and tablets. Basic cell phones are not covered because of the limited security options available and threats they face.

NIST requests comments on Guidelines for Managing and Securing Mobile Devices in the Enterprise (SP 800-124 Revision 1). The document can be found at http://csrc.nist.gov/publications/drafts/800-124r1/draft_sp800-124-rev1.pdf. Comments should be sent to 800-124comments@nist.gov by Friday, Aug. 17, 2012, with the subject "SP 800-124 Comments."

Evelyn Brown | EurekAlert!
Further information:
http://www.nist.gov

More articles from Information Technology:

nachricht Concert of magnetic moments
14.06.2019 | Forschungszentrum Juelich

nachricht Rigid bonds enable new data storage technology
14.06.2019 | European XFEL GmbH

All articles from Information Technology >>>

The most recent press releases about innovation >>>

Die letzten 5 Focus-News des innovations-reports im Überblick:

Im Focus: MPSD team discovers light-induced ferroelectricity in strontium titanate

Light can be used not only to measure materials’ properties, but also to change them. Especially interesting are those cases in which the function of a material can be modified, such as its ability to conduct electricity or to store information in its magnetic state. A team led by Andrea Cavalleri from the Max Planck Institute for the Structure and Dynamics of Matter in Hamburg used terahertz frequency light pulses to transform a non-ferroelectric material into a ferroelectric one.

Ferroelectricity is a state in which the constituent lattice “looks” in one specific direction, forming a macroscopic electrical polarisation. The ability to...

Im Focus: Determining the Earth’s gravity field more accurately than ever before

Researchers at TU Graz calculate the most accurate gravity field determination of the Earth using 1.16 billion satellite measurements. This yields valuable knowledge for climate research.

The Earth’s gravity fluctuates from place to place. Geodesists use this phenomenon to observe geodynamic and climatological processes. Using...

Im Focus: Tube anemone has the largest animal mitochondrial genome ever sequenced

Discovery by Brazilian and US researchers could change the classification of two species, which appear more akin to jellyfish than was thought.

The tube anemone Isarachnanthus nocturnus is only 15 cm long but has the largest mitochondrial genome of any animal sequenced to date, with 80,923 base pairs....

Im Focus: Tiny light box opens new doors into the nanoworld

Researchers at Chalmers University of Technology, Sweden, have discovered a completely new way of capturing, amplifying and linking light to matter at the nanolevel. Using a tiny box, built from stacked atomically thin material, they have succeeded in creating a type of feedback loop in which light and matter become one. The discovery, which was recently published in Nature Nanotechnology, opens up new possibilities in the world of nanophotonics.

Photonics is concerned with various means of using light. Fibre-optic communication is an example of photonics, as is the technology behind photodetectors and...

Im Focus: Cost-effective and individualized advanced electronic packaging in small batches now available

Fraunhofer IZM is joining the EUROPRACTICE IC Service platform. Together, the partners are making fan-out wafer level packaging (FOWLP) for electronic devices available and affordable even in small batches – and thus of interest to research institutes, universities, and SMEs. Costs can be significantly reduced by up to ten customers implementing individual fan-out wafer level packaging for their ICs or other components on a multi-project wafer. The target group includes any organization that does not produce in large quantities, but requires prototypes.

Research always means trying things out and daring to do new things. Research institutes, universities, and SMEs do not produce in large batches, but rather...

All Focus news of the innovation-report >>>

Anzeige

Anzeige

VideoLinks
Industry & Economy
Event News

SEMANTiCS 2019 brings together industry leaders and data scientists in Karlsruhe

29.04.2019 | Event News

Revered mathematicians and computer scientists converge with 200 young researchers in Heidelberg!

17.04.2019 | Event News

First dust conference in the Central Asian part of the earth’s dust belt

15.04.2019 | Event News

 
Latest News

Concert of magnetic moments

14.06.2019 | Information Technology

Materials informatics reveals new class of super-hard alloys

14.06.2019 | Materials Sciences

New imaging modality targets cholesterol in arterial plaque

14.06.2019 | Medical Engineering

VideoLinks
Science & Research
Overview of more VideoLinks >>>