NIST Updates Guidelines for Mobile Device Security
Mobile devices allow workers, including government employees, to work in multiple locations and to improve their efficiency. But the same features that make these devices desirable make them a security challenge. Mobile
devices can easily be lost or stolen, and users may be tempted to download nonsecure apps that might conceal “malware” that could be used to steal confidential data. Since security is minimal for mobile devices, a thief can retrieve sensitive data directly from the device, or use the phone or tablet to access an organization’s computer network remotely.
The revised guidelines recommend using a software technology that centralizes device management at the organization level to secure both agency-issued and personally owned devices that are used for government business. Centralized programs manage the configuration and security of mobile devices and provide secure access to an organization’s computer network. They are typically used to manage the smart phones that many agencies issue to staff. The new NIST guidelines offer recommendations for selecting, implementing, and using centralized management technologies for securing mobile devices.
“Mobile devices need to support multiple security objectives: confidentiality, integrity and availability, so they need to be secured against a variety of threats,” explains co-author and NIST guest researcher Karen Scarfone.
- Smartphone, tablet security and management guidelines on tap from NIST (computerworld.co.nz)
- NIST releases second draft of federal ID credential security standard for comment (phys.org)
Posted on July 12, 2012, in Cybersecurity, Security, Smart Phone and tagged Mobile device, Mobile device management, National Institute of Standards and Technology, NIST, Security, Smartphone. Bookmark the permalink. Comments Off on NIST Updates Guidelines for Mobile Device Security.