Tackling Mobile Security Risks for Government
“Cyber threats, Security breaches, and Hacking.” As mobility becomes more pervasive, these words have become engrained in our work-life culture. The proliferation of devices has presented new avenues for threats to penetrate as endpoints multiply exponentially.According to Sugiarto Koh, Regional Director for ASEAN (Security) at Cisco, “The issue of cyber-crime has earned headlines as governments across the globe grapple with how to build both secure and mobile-enabled infrastructures. Alongside new opportunities that come with mobility, there will also be fresh challenges particularly when it comes to cyber-security.”
In 2014, Cisco and Mobile Work Exchange released findings from a self-assessment tool that highlights some insightful statistics, enabling us to better understand mobile security best practices and vulnerabilities. The report specifically looks at government employees, where 90 percent of whom claim to use at least one mobile device for work, and reveals that many government workers (41 percent) are putting themselves and their agencies at risk.
Here are a few other compelling findings:
•On mobile devices, 31 percent use a public Wi-Fi connection and 25 percent do not set passwords.
•6 percent of government employees who use a mobile device for work say they have lost or misplaced their phone. In the average Federal agency, that’s more than 3,500 chances for a security breach.
•Despite the US Federal Digital Government Strategy, more than one in four government employees have not received mobile security training from their agencies.
Sugiarto said, “Similar scenarios apply to countries in the South East Asia. The amount of security breaches that have made the news in the past year may come as no surprise given this information. These facts speak to the need for employees to re-evaluate their mobile security behaviours and for government agencies to strengthen mobile security protocols.”
As the shift toward mobility and cloud services places a greater security burden on endpoints and mobile devices, which in some cases may never even touch the corporate network, government agencies are urged to embrace a two-fold approach to help mitigate these concerns.
Step #1: Train Government Employees about Potential Threats
Informing employees about the potential risks and threats when using either their own device or an agency-issued device can go a long way in helping prevent malicious attacks.
Albert Chai, Country Manager for Cisco in Malaysia, said “The country’s digital economy and connected government aspirations necessitate the training of cyber-security savvy employees. As each individual’s behaviour can be a potential source of threat, self-regulation is the most effective way to mitigate mobility security risks. This type of employee-led behaviour can help shape the future of mobility.”
Users are encouraged to have an open dialogue with IT teams about secure mobile use and what today’s advanced threats look like and how to avoid them. This will only grow more important as the number and types of connected devices – such as wearables—become more pervasive in government agencies.
Step #2: Institute a Formal Program for Managing Mobile Devices
For many government agencies, it’s difficult to manage the influx in types of connected equipment, especially with a limited IT budget. To cover the entire attack continuum, agencies need to address a broad range of attack vectors with solutions that operate everywhere the threat can manifest itself: on the network, on endpoints, on mobile devices and in virtual environments.
According to Cisco’s 2014 Annual Security Report, instituting a formal program for managing mobile devices to help ensure that any device is secure before it can access the network is one solution to improve security. At the very least, a personal identification number (PIN) lock should be required for user authentication and the security team should be able to turn off or wipe clean the device remotely if it is lost or stolen.
“All organizations – especially government and public sector agencies – should be concerned about finding the right balance of trust, transparency and privacy in their mobility strategy, because a great deal is at stake,” added Sugiarto.
However, by evaluating this two-fold approach, government agencies can avoid losing out on the benefits of mobility and instead, reap its rewards. Through a secure approach to mobility, agencies can experience increased productivity and lower operating costs, ultimately benefiting the public they serve.
– END –
Cisco (NASDAQ: CSCO) is the worldwide leader in IT that helps companies seize the opportunities of tomorrow by proving that amazing things can happen when you connect the previously unconnected. For ongoing news, please go to http://thenetwork.cisco.com. Cisco products are supplied in Malaysia by the channel partners of Cisco Systems International, B.V., or Cisco International Limited, both being wholly-owned subsidiaries of Cisco Systems, Inc.