With the significant increase over the last few years in new smart phones, smart devices, and tablets, the demand by government employees to utilize these devices for work and home use is growing. We called this phenomena the “consumerization of IT.” Using these types of devices can increase productivity for government employees, assist consumers with accessing citizen services via custom government apps, and allow troops on the ground in remote locations the ability to get access to mission critical data and applications.
However, along with the benefits come risks as well. We are an app happy society which is wonderful for us…..and for the bad guys. Of the hundreds of mobile device threats we saw in 2010 and 2011, many of them exploit vulnerabilities in mobile applications by installing Trojans, etc. SMS senders are also becoming quite popular as a threat vector. Most of these threats exploit social engineering tactics to spoof consumers.
Government departments like DoD, NSA, VA and others are now trying to come up with policies and strategies for how to enable the use of mobile devices in their workplace environments while protecting sensitive data that resides on or is accessed through these devices. As government departments develop these strategies/plans, they should consider including mobile device management and security, application security/certs, identity management/user authentication, data loss prevention, among other items. For any questions about the mobile threat landscape or how Symantec can help, go here or contact me.