by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
GCN : July 2013
QHow can agencies minimize the cost of deploying and managing mobile devices? There are a number of ways to simplify device management, by minimizing the technical variables they must address. One strategy to control cost and minimize risk is to stan- dardize on a platform that the agency is prepared to support and that has been determined to meet the mobile computing requirements of primary users. Many security capabilities and hardware con guration management considerations vary depending on the oper- ating system the devices employ. By focusing investment and support on a preferred platform, government IT shops can limit the range of expertise necessary to ensure trusted remote communications with their users mobile devices. QWhat steps can agencies take to minimize the risk to gov- ernment data from compromised, lost, or stolen devices? Consistent and enforceable security controls are essen- tial to protect federal information assets. Agencies need a complete inventory of authorized mobile devices, the ability to track them, and the capability to remotely wipe lost or stolen devices. Further, agencies must manage and enforce password policies for complexity and age. To complement these mobile security management fun- damentals, such options as root detection, application white listing and remote lock can enhance the security of mobile computing environments. What is mobile application management and why is it important to mobile security? Mobile Applications Management (MAM) allows IT system administrators to control the applications that may be downloaded, installed, and accessed on mo- bile devices they manage, as well as how those apps are used. Whereas Mobile Device Management tools consider the entire device, MAM focuses on the ap- plications. Given the tens of thousands of available ap- plications, it is important to educate device users about the risks associated with downloading un-trusted ap- plications to their smartphones and tablets. Many are unaware that these apps may expose data, as well as host networks and data repositories, to malware---from minor nuisances to signi cant security threats. To limit exposure, a MAM strategy may limit users to down- loading only authorized applications from an agency app store or other approved list of sanctioned tools. MAM also may provide the ability to "wrap" certain ap- plications for greater control. For example, some applica- tions may only be used with an active VPN connection, or when a user enters an additional passcode. Applica- tion wrapping also can be used to wipe data from certain agency-speci c apps, while retaining other personal ap- plication information on a speci c device. Q What role does network access control management play in mobile security? Network access control provides a means to ensure remote devices are authorized to connect to a network and enables an essential level of organizational security with port-level authentication of remote devices. Dur- ing the authentication and authorization phases, mobile devices also can be assessed for compliance to agency access standards. Has the device been rooted? Is the anti-virus software up-to date? Since mobile devices pose many of the same risks to network operations as laptops, it is recommended that they be pro led before allowing network access. Q To what extent can wireless LANs provide the kind of security agencies expect on traditional LANs? Wireless local area networks (WLANs) are becoming more common in federal enterprises, even within defense organizations that traditionally have been somewhat "Wi- Fi averse." To establish strong Wi-Fi security policies, agencies should subject WLAN traf c to the same re- wall, intrusion prevention system (IPS) and network ac- cess control (NAC) rules that they currently apply to LAN traf c. WLAN traf c can be further protected by using strong encryption, such as elliptic curve cryptography (ECC)-based Suite B, as proposed by NSA and NIST. A A A A A Q B Sponsored Content Tim LeMaster, Sr. Director, Federal System Engineering, Juniper Networks F u , www.juniper.net