by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
GCN : July 2013
GCN JULY 2013 • GCN.COM 11 SEMINARS FOR PUBLIC SECTOR IT MANAGERS Stay up-to-date on the technology, tools and tactics that are key to managing and maintaining successful IT programs. Events are held in-person in Washington, DC or online nationwide. SEMINAR TOPICS INCLUDE: Visit gcn.com/ techessentials to register and for more event details devices include loss or theft, and agen- cies are advised that "when planning mobile device security policies and controls, organizations should assume that mobile devices will be acquired by malicious parties." Mitigations for this risk can include strong authentication on the device and encryption. Other speci c risks include the use of personal devices and untrusted net- works and applications; interaction with other systems, either wirelessly or teth- ered; and the use of location services. As device features and functionality change, so do the threats they face and the applicable security controls, and this publication establishes a baseline of technology and controls that will be updated as needed. Basic guidelines for securely managing devices include: • Create a documented mobile device security policy, de ning what resources can be accessed from different types of devices and how devices are to be man- aged. This should be regularly updated. • Develop system threat models for mobile devices and the resources that are accessed by them. Threat model- ing helps organizations identify security requirements and design the solutions incorporating the controls needed. • Implement and test a pilot of the mo- bile device solution before putting it into production. At a minimum, all compo- nents should be updated with the latest patches and con gured following sound security practices. Use of jailbroken or rooted mobile devices should be auto- matically detected when feasible. • Fully secure each organization- issued mobile device before allowing a user to access it. Unmanaged devices already issued should be secured to a known good state, with supplemental security controls used as needed. • Regularly maintain mobile device security. This includes keeping patches up to date, ensuring all components are synched to a common time source so that log data can be correlated, recon- guring access controls as needed and detecting anomalies including unauthor- ized con guration changes. Agencies should determine what is needed in their environment and deploy or acquire what is appropriate, selecting from among features including policy enforcement, encryption, user and device authentication and application white and blacklisting. •