A study led by the Department of Homeland Security‘s science and technology directorate has offered recommendations for the federal government to manage the security of mobile devices being used by agency employees.DHS said Thursday it submitted the report titled “Study on Mobile Device Security” to Congress in accordance with the Cybersecurity Act of 2015.
“The Study on Mobile Device Security has found that threats to the mobile device ecosystem are growing, but also that the security of mobile computing is improving,” said Robert Griffin, DHS acting undersecretary for science and technology.
The report calls on the federal government to adopt a framework for mobile device security based on existing standards and best practices as well as boost Federal Information Security Modernization Act metrics to focus on mobile security.
DHS also recommends to include mobility in the Continuous Diagnostics and Mitigation program; continue DHS S&T’s applied research program in mobile application security; launch a new program on mobile threat information sharing; and coordinate the adoption of mobile security technologies into operational programs, among others.
The study found that mobile security threats facing the federal government require a mitigation approach that differs from protective measures created for desktop workstations.
The report also noted federal government mobile devices could serve as an entry point to attack back-end computer systems that contain citizen data and sensitive government information.
DHS S&T led the study in collaboration with the National Institute of Standards and Technology and NIST’s National Cybersecurity Center of Excellence.
