by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
GCN : October and November 2016
W HAT IS THE CURRENT STATE OF MOBILE SECURITY? There are three vectors and each is continually evolving. The first is vulnerability. Hackers are getting smarter in figuring out how to get into mobile devices and steal information. The second is organizational needs and requirements. Government agencies’ use of mobile technology is changing, as are their mobile security policies. Finally, there are the devices themselves. These are continually advancing to provide better and more pervasive security, particularly at the hardware layer. WHAT IS GOING ON IN THE AREA OF IDENTITY AND ACCESS CONTROL? The government still relies heavily on actual Common Access Card (CAC) access, where they authenticate on an actual device using two-factor authentication. Some agencies, especially in the Defense area, are working on a program called Derived Credentials. This will take credentials off the CAC and implement them as a certificate on the dev ice. That way they won’t have to walk around with an extra mechanism to authenticate because it will already be on the device. They aren’t there yet, but there have been some successful proofs of concept so it’s on the way. HOW COULD BIOMETRICS IMPROVE MOBILE SECURITY FOR GOVERNMENT? The industry has embraced biometrics, and the government is working on it. Right now, it’s a matter of finding the right standards and specs. Fingerprints were a great start for biometrics, but now new advancements such as iris scanning are allowing even more robust biometric readings and exponentially increasing the unique factors to further strengthen the speed, reliability, and security. WHAT ROLE DOES POLICY PLAY IN MOBILE SECURITY? Agencies have to determine what’s most important in terms of the data, applications and device features to which users need access. Once they establish that, it’s important to automatically enforce those policies. That way, nobody can circumvent the policy. Finally, agencies should only approve mobile devices that work well with their specific mobile security policies. WHAT’S COMING UP IN MOBILE SECURITY THAT WILL CHANGE THE GAME? There is a lot of research and development underway that will lead to some interesting advances in the next few years. Within a few years, for example, users won’t have to worr y about data on their mobile devices. Most of it will reside in some sort of virtual environment in the cloud. So users will be able to pick up any mobile device and access their virtual mobile environment, including settings, applications and data. ARE THERE SECURITY ADVANCES ON THE HORIZON THAT WILL ALSO HELP SIMPLIFY THE MOBILE EXPERIENCE? One is application- driven security. This means security features will be attached to the application instead of the entire device. For example, an agency might not let users working with specific applications use WiFi or Bluetooth while working with that application. This will reduce the need for containers and let users download and use many more types of applications on their devices, as long as specific applications are secured. Another advance in the works is context- aware security, where based on your location, the device will relax security requirements. For example, if your mobile device realizes you’re in your office, it could let you access certain applications or data that you wouldn’t be able to access in public areas. MOBILE SECURITY, PRESENT AND FUTURE Yasir Aziz, Senior Director on Samsung’s Knox Regulated Markets, gives his take on the current state of security, effective mobile security policy, and the future of mobile security. SPONSORED REPORT Download the Full Report at GCN.com/SamsungSecurityMandate SECURITY MANDATE
August and September 2016
January and February 2017