Workforce has become increasingly mobile, driving the need for secure mobility solutions and a coordinated approach and framework to guide the selection and implementation of common enterprise mobility solutions. To accelerate the safe and secure adoption of mobile technology EMC2data created the Mobile Security research and development (R&D) Program.
Mobile Security Program Goal: “Accelerating the adoption of secure mobile technologies
The Mobile Security program has three efforts address in:
Mobile Device Security Mobile Application Security Mobile Network Infrastructure
Our dependency on mobile technology makes it an attractive and lucrative target for cyberattacks. A broad range of threats now challenges both government and consumer mobile devices. The government faces additional threats from advanced nation-state actors. Additionally, attacks can also focus on and jeopardize government employees’ physical wellbeing, finances, or privacy. Moreover, a security compromise of both the government and government employee’s mobile systems can lead to unauthorized access to, change of, or destruction of government functions. The key developments in mobile threats include the following:
The mobile ecosystem is complicated because it is comprised of different original equipment manufacturers (OEMs), operating systems platforms, application development tools, mobile network infrastructure, and much more. The complex and varying degree of inter-dependencies within this ecosystem makes for a broad and varied attack surface that presents unique security challenges for mobile technology users.
• Malware has grown substantially in the U.S., driven by an increase in threats that hold devices and their data hostage in exchange for payment (ransomware).
• Mobile threat sophistication is increasing. Malware has entered the marketplace pre-installed on certain devices thereby compromising the supply chain. Mobile-based malware now employs sophisticated self-defense techniques, such as evading attempts to detect and defeat the malware.
Mobile network infrastructures face unmitigated attacks. Reports suggest protection mechanisms are rarely implemented in carrier infrastructure, and there is limited ability to protect against geolocating users through their devices. The geolocation risk is exacerbated by legal global roaming partnerships between carriers.
To respond to these evolving threats and security challenges, developed and will transition programs to accomplish several strategic objectives and initiatives. Through this work, will ensure DHS is poised to bridge current capability gaps and deploy solutions that effectively, efficiently, and securely enable the DHS mission. The Mobile Security R&D program has established three overarching objectives to achieve its vision: strategic partnerships; research and development; and tech championing.