Security Experts:

Federal Government Facing Mobile Security Challenges

A report from Telework Exchange, sponsored by EMC, VMware, Cisco, and Carahsoft, shows that Federal employees are taking advantage of the BYOD bandwagon, but at the cost of higher risk to their respective agencies.

In their 2013 Digital Dilemma Report, Telework Exchange says that more than half of the smartphone users in the Federal government use their personal smartphone for job-related tasks. Yet, one in three workers do not have password protection. While mobile devices create a great opportunity for productivity gains, the report says, agencies must address current behaviors to ensure government data is not in danger.

Mobile Device Security"We can all agree employees are mobile. It is our responsibility to ensure access to government data is secure," said Cindy Auten, general manager of Telework Exchange.

In addition to password protection issues, another note from the study shows that 85 percent of the Federal employees included have downloaded an app to their personal smartphone or tablet, which exposes the device, its data, and the user to a greater level of risk, depending on the nature of the application. According to a recent GAO report, malware attacks directed at mobile devices increased by 185 percent in less than a year.

Other items from the report include the fact that just 11% of the agencies represented have some sort of BYOD policy in place, despite the fact that 55% of the employees surveyed use their own personal devices for work. Moreover, only 27% of the mobile devices being used have access to multi-factor authentication and secure remote connections to the employee’s agency.

"IT transformation, helped by the adoption of mobile computing, is at an all time high within the Federal government," said Kyle Keller, federal cloud business director at EMC Corporation.

"As more Federal employees introduce their own smartphones, tablets, and other mobile devices to work, managing these devices over an IT infrastructure they can trust becomes crucial. Implementation of policy, training and technology will be necessary to ensure the best security and control in this new era of increased mobility."

The full report is available here

view counter
Steve Ragan is a security reporter and contributor for SecurityWeek. Prior to joining the journalism world in 2005, he spent 15 years as a freelance IT contractor focused on endpoint security and security training.