by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
GCN : January 2015
Q What are the major threats to mobile security today? How will those change? Unlike the desktop and stationary environments of the past, the biggest threat today is having end points that are moving around outside the physical boundaries of the organization and without close control. The challenge is to make sure government information and data are protected with devices that match up with specific agency security policies and requirements. Some agencies already have a solid set of defined requirements and a sound understanding of the issues, but others still need strong support from device providers. Q Is there such a thing as a totally secure mobile device? A Security is a relative goal. First, you have to understand the capabilities of the devices, and then, the associated ser vices and products that come with them. After that, you can better judge the risk/reward and tradeoffs when selecting a product. Samsung’s platform incorporates both hardware- and software- based security components, rather than software alone, and that’s already shown dividends. Samsung Galaxy devices, supported by the Samsung Knox platform, have passed rigorous government testing and are now included on the Commercial Solutions for Classified (CSfC) list. Q The focus for enterprise security is shifting. Where does mobile device security fit? A You’re right, in that the paradigm for security is shifting and BYOD continues to drive the need for more control of data on the device and better device policy management. For example, there’s an accelerating trend to move certain types of employees off of laptops and PCs and onto tablets and smartphones. Agencies want more operational effectiveness, so the future of mobile technology needs to meet or exceed the requirements for fixed base assets while being mobile. That said, mobile security first has to be integrated into existing security paradigms. Once those baseline needs are met, then you can move beyond those requirements. Q How different are the mobile security needs of individual programs? How do you meet them? A Again, you must have a good understanding of an agency’s baseline needs, then you can make educated decisions on how and when to increase security requirements. For example, think about the option to move into the biometric space to improve multi-factor authentication. You should leverage the technology that’s already there in mobile devices, then add additional resources and capabilities as required. Existing technologies like fingerprint readers, camera quality which promotes iris and retina recognition are some examples of adapting existing technologies. From the Samsung perspective, that starts with executing things such as encryption and key management in hardware and then, moving forward, adding things like secure boot and trusted boot, as well as the trusted integrity management architecture and application framework as a solid baseline to build on. Q Does it really matter what mobile device technologies are used when it comes to security? A Absolutely. If you don’t have a common, solid core of security that you’re building on top of, then the mobile device technologies you’re deploying aren’t truly secure and potentially won’t meet the needs of the business. Nearly every smartphone, for example, comes with both a front and a back camera. Building security capabilities into those devices allows for the management of policies around the camera, mitigating the risk of an information leak. We built our Samsung Knox framework on our devices by starting from the hardware up. When you add a feature or capability to a device, you can take a look at the core security structure and make a determination about the potential use, or potential abuse, of the new technology and adapt according to the need. A The Enterprise Security Shift Sponsored Content To learn more go to: www.samsung.com/us/enterprise Sam Phillips, Vice President of Global Enterprise Services (GES), Security Solutions, Samsung
November and December 2014