June 7, 2018

min read

Government Employees Being Human: How Mobile Behavior Impacts Security

Human behavior

The federal government has moved aggressively in recent years to put mobile technology into the hands of its workforce. This is a positive step for both the agencies and the individual employees. These steps have increased employee productivity and have brought government use of mobile more in line with the private sector.

Unfortunately, it's inevitable in today's cybersecurity climate that increased use of mobile creates a potential attack vector for malicious actors. For example, mobile is now a key target for Advanced Persistent Threat actors.. These are called mobile APTs (mAPTs) and they take advantage of a smartphone's features and capabilities to turn it into the ideal weapon for cyber espionage. Batting Human NatureCompounding this threat is how humans use mobile devices. Convenience often supersedes following policy, leading to increased risk of security incidents involving mobile devices. According to a recently published report from Lookout, 96 percent of respondents said their agency had a mobile security strategy, and 94.5 percent said to enforce that policy they are using some sort of management tool, either EMM or Mobile Device Management (MDM). These tools are important for mobile security, and taken as face value these percentages are reassuring.

However, our survey revealed some sobering numbers regarding actual employee behavior using mobile:

  • 74 percent of agency respondents said employees add apps to their phones from unapproved app stores
  • 72 percent of respondents said employees "often" connect their personal devices to federal Wi-Fi to perform tasks while at work
  • 67.5 percent say they know work email is stored on employee personal devices
  • 47 percent report their employees send work documents to unsecured personal email accounts

A better security solution

Current mobile security efforts are falling short. People are bringing their devices into work whether their agency allows them to your not. According to a study we conducted in  2015, 27 percent of federal employees use their personal device for work email, and 24 percent use it to download work documents. This means that governments are not only facing how their employees use their GFE phones, they're tackling the issue of personal device usage as well. Any effective security solution needs to work with - not against - this fundamental premise.

A comprehensive mobile security solution must protect against the Spectrum of Mobile Risk, including:

  • App threats and risks
  • Device threats and risks
  • Network threats and risks
  • Web and content threats and risks (e.g., phishing)

These advanced solutions can be seamlessly integrated with existing EMM and MDM platforms to create true mobile protection for today's modern government agencies. Most mobile security providers integrate  their various offerings with the leading EMM/MDM platforms, including Microsoft Intune, VMWare AirWatch, and MobileIron.

The main benefits of such integrations are:

  • Device Provisioning - Using your EMM/MDM solution, the mobile security endpoint app can be easily distributed across your mobile devices, allowing for rapid and scalable device provisioning.
  • Threat Remediation - When a threat or non-compliance is detected, the offending device can be remotely locked, wiped, quarantined, or blocked from accessing your corporate network according to your remediation policies.
  • Containerization - If you choose to employ a container, this can help separate enterprise and personal data, keeping you one layer safer if an end-user encounters a threat. This will only work if the end-user's device is not jailbroken or rooted. Mobile security solutions will be able to alert you, if that is the case.

Once deployed, mobile security can detect new or emerging threats and then work with EMM/MDM solutions to remediate them. This integration provides businesses with significant policy flexibility by enabling a more precise matching of the risks posed by certain threats to particular remediation strategies.

The current status quo puts government data at risk. Agencies should move now to secure the mobile mission, rather than wait for these steps to be mandated.