Ad Image

Report Reveals Sub Par Mobile Security Measures in Government Agencies

US Army MDM BYOD

US Army MDM BYODIn recent months we have seen news about a number of government agencies addressing mobility strategies and management solutions as mobility continues to grow within the government sector. The Library of Congress, the Department of Veteran’s Affairs and the Department of Defense (DOD) as a whole are all evaluating their mobility strategies and security measures being taken. A recent report conducted by the Office of Inspector General reveals just how dire some sector of the government’s needs actually are when it comes to the management and security of their mobile environments.

The report looked to determine whether the Department of the Army had an effective cybersecurity program that identified and mitigated risks surrounding commercial mobile devices (CMDs) and removable media. In looking at the United States Military Academy (USMA) and United States Army Corps of Engineers (USACE) Engineer Research and Development Center (ERDC) the report simply suggested that “The Army Chief Information Officer (CIO) did not implement an effective cybersecurity program for CMDs.” Quite surprising for a group that is built on policy, regulation and structure.

A report audit highlights some of the more concerning finding and that the Army CIO did not:

  • ensure that Commands configured CMDs to protect stored information. The CIOs at United States Military Academy (USMA) and United States Army Corps of Engineers (USACE) Engineer Research and Development Center (ERDC) did not use a mobile device management application to configure all CMDs to protect stored information.  
  • require CMDs to be properly sanitized. CIOs at USMA and USACE ERDC did not have the capability to remotely wipe data stored on CMDs that were transferred, lost, stolen, or damaged.  
  • control CMDs used as removable media. The CIOs at USMA and USACE ERDC allowed users to store sensitive data on CMDs that acted as removable media.  
  • require training and use agreements specific to CMDs. The CIOs at USMA and USACE ERDC did not train CMD users and require users to sign user agreements. 

Click here to access the full report and recommendations offered by the Office of Inspector General.

Share This

This article was written by on April 2, 2013

Related Posts

15 Mobile App Security Best Practices for Organizations
Featured
15 Mobile App Security Best Practices for Organizations
Mobile Security Best Practices
Featured
10 Mobile Security Best Practices to Consider in 2024
5G Connectivity
Featured
AI’s Unprecedented Role in Revolutionizing 5G Connectivity

Follow Solutions Review