Mobile devices allow workers, including government employees, to work in multiple locations and to improve their efficiency. But the same features that make these devices desirable make them a security challenge.
Mobile devices can easily be lost or stolen, and users may be tempted to download nonsecure apps that might conceal "malware" that could be used to steal confidential data. Since security is minimal for mobile devices, a thief can retrieve sensitive data directly from the device, or use the phone or tablet to access an organization's computer network remotely.
The revised guidelines recommend using a software technology that centralizes device management at the organization level to secure both agency-issued and personally owned devices that are used for government business. Centralized programs manage the configuration and security of mobile devices and provide secure access to an organization's computer network. They are typically used to manage the smart phones that many agencies issue to staff. The new NIST guidelines offer recommendations for selecting, implementing, and using centralized management technologies for securing mobile devices.
"Mobile devices need to support multiple security objectives: confidentiality, integrity and availability, so they need to be secured against a variety of threats," explains co-author and NIST guest researcher Karen Scarfone. This publication provides specific recommendations for securing mobile devices and is intended to supplement federal government security controls specified in NIST's fundamental IT security document, Recommended Security Controls for Federal Information Systems and Organizations (Special Publication 800-53).
The draft guidelines also recommend developing system threat models for mobile devices and those resources accessed through them, instituting a mobile device security policy, implementing and testing a prototype of the mobile device solution before putting it into production, securing each organization-issued mobile device before allowing a user to access it, and maintaining mobile device security regularly.
Originally published as Guidelines on Cell Phone and PDA Security, the revision has been updated for today's technology. The guidelines do not cover laptops because the security controls available for laptops today are quite different than those available for smart phones and tablets. Basic cell phones are not covered because of the limited security options available and threats they face.
NIST requests comments on Guidelines for Managing and Securing Mobile Devices in the Enterprise (SP 800-124 Revision 1). The document can be found at http://csrc.nist.gov/publications/drafts/800-124r1/draft_sp800-124-rev1.pdf. Comments should be sent to email@example.com by Friday, Aug. 17, 2012, with the subject "SP 800-124 Comments."
Evelyn Brown | EurekAlert!
Concert of magnetic moments
14.06.2019 | Forschungszentrum Juelich
Rigid bonds enable new data storage technology
14.06.2019 | European XFEL GmbH
Light can be used not only to measure materials’ properties, but also to change them. Especially interesting are those cases in which the function of a material can be modified, such as its ability to conduct electricity or to store information in its magnetic state. A team led by Andrea Cavalleri from the Max Planck Institute for the Structure and Dynamics of Matter in Hamburg used terahertz frequency light pulses to transform a non-ferroelectric material into a ferroelectric one.
Ferroelectricity is a state in which the constituent lattice “looks” in one specific direction, forming a macroscopic electrical polarisation. The ability to...
Researchers at TU Graz calculate the most accurate gravity field determination of the Earth using 1.16 billion satellite measurements. This yields valuable knowledge for climate research.
The Earth’s gravity fluctuates from place to place. Geodesists use this phenomenon to observe geodynamic and climatological processes. Using...
Discovery by Brazilian and US researchers could change the classification of two species, which appear more akin to jellyfish than was thought.
The tube anemone Isarachnanthus nocturnus is only 15 cm long but has the largest mitochondrial genome of any animal sequenced to date, with 80,923 base pairs....
Researchers at Chalmers University of Technology, Sweden, have discovered a completely new way of capturing, amplifying and linking light to matter at the nanolevel. Using a tiny box, built from stacked atomically thin material, they have succeeded in creating a type of feedback loop in which light and matter become one. The discovery, which was recently published in Nature Nanotechnology, opens up new possibilities in the world of nanophotonics.
Photonics is concerned with various means of using light. Fibre-optic communication is an example of photonics, as is the technology behind photodetectors and...
Fraunhofer IZM is joining the EUROPRACTICE IC Service platform. Together, the partners are making fan-out wafer level packaging (FOWLP) for electronic devices available and affordable even in small batches – and thus of interest to research institutes, universities, and SMEs. Costs can be significantly reduced by up to ten customers implementing individual fan-out wafer level packaging for their ICs or other components on a multi-project wafer. The target group includes any organization that does not produce in large quantities, but requires prototypes.
Research always means trying things out and daring to do new things. Research institutes, universities, and SMEs do not produce in large batches, but rather...
29.04.2019 | Event News
17.04.2019 | Event News
15.04.2019 | Event News
14.06.2019 | Information Technology
14.06.2019 | Materials Sciences
14.06.2019 | Medical Engineering