What is, in your opinion, the biggest challenge in protecting sensitive information at the government level?
The mobile nature of information poses a significant challenge at the government level. Data no longer simply resides within the network; it exists on mobile devices and data that is on a network can be accessed from virtually anywhere. In addition, compromising a mobile device itself can place the government at risk.
Spyware exists today that can track a person via GPS, monitor all voice, e-mail and text messages and even remotely and silently enable the microphone to listen to ambient voice conversations. As such, managing the integrity of the mobile devices is of paramount concern and is a significant challenge. Mobile devices are in need of the same protection as PC's, as they require antivirus, firewall, encryption, etc. Government agencies frequently find their mobile devices do not have this protection in place, which jeopardizes the integrity of the device and their sensitive data.
We are becoming increasingly aware of the dangers posed by mobile devices that contain confidential information and that are subject to theft, loss or breach. What can the White House specifically do in order to mitigate those risks?
Only senior staff members and those with proper security clearance use mobile technology such as laptops and smartphones. Rules limiting usage are in place and all communication is closely monitored. Limitations on staff use of mobile devices include a mandate that they not leave the U.S. Meanwhile the White House has taken steps to secure the devices used on U.S. soil as well.
Anti-virus and anti-malware software as well as firewall and applications that can remotely wipe the memory in the event of loss are all readily available and in use. Vendors, like SMobile Systems have been in use on many levels to provide various departments and staffers critical protection for sensitive data.
Based on your experiences, what set of devices are the most hard to secure?
Any mobile device can be hard to secure because they are more susceptible to a physical compromise. We kept a close eye on usage – monitored for uncommon activity and enforced strong protocol for use. Each device was protected with security software and always accounted for.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.