Critical Infrastructure & Government Organization Mobile Securityjacob Evans
Critical infrastructure provides the essential services that serve as the backbone of our nation’s economy, security, and health. The Department of Homeland Security (DHS) states that critical infrastructure is “so vital to the United States that.. incapacitation or destruction would have a debilitating effect on security, national economic security, national public health or safety, or any combination thereof.”
Today, with the rapid adoption of mobile technology, critical infrastructure is open to millions of entry points. Is your organization secure? How about in a disaster scenario?
Your organization is only secure if it’s mobile secure. Contact OptioLabs today.
Risk Vs. Benefit
Undoubtedly, mobile devices streamline process to improve the agility and efficiency of any work team. However, smartphones come off the assembly line designed more to connect than to protect. From easy to download apps to GPS tracking and social media, mobile devices are wide open to cyber attacks that can threaten infrastructure security at its core.
Back in 2015, attacks on mobile devices were virtually insignificant. Now, in a recent survey of IT professionals, one in five stated that their company has had a mobile IT breach. One of the reasons is that smartphones are an easy target. Users are much more likely to download a malicious app or connect to insecure WiFi using their cell phone.
If you wanted to break into Fort Knox, you wouldn’t try to break down the front door. Hackers are always looking for an unlocked back door, and cell phones have become an ubiquitous weak point.
Every Door Has A Door Behind It
For government organizations, interconnectedness brings with it an entire new set of dangers. In the Office of Personnel Management (OPM) breach, 14 million people in and outside of the government were affected – including uniformed military and intelligence personnel.
The DHS names 16 sectors that make up the country’s critical infrastructure. These categories include hundreds, if not thousands of sub-offices scattered across the United States. If government employees are accessing critical databases with their smartphones, all of these sectors are at high risk. How big is the risk? If a cybercriminal gets hold of your cell phone number, they can potentially see and hear everything that happens on your device.
Even sectors not on the list probably have digital connections to sensitive areas – as did the OPM – and security clearance information might overlap between departments.
Fine grained, dynamic, and context-dependent device control allows for fluid protection based on operation, location, time, running apps, and other parameters. For example, in a disaster or cyber attack scenario devices could be programmed to:
- Control Mobile Applications – Prevent unauthorized mobile apps from interfering with mission-critical applications or collecting sensitive information through side channel attacks. Lock down to essential and trusted apps to prevent network attacks from spreading further.
- Control Device Features – Prevent unauthorized or disruptive device functions to occur during day-to-day or emergency state operations, such as system updates or camera operation.
- Control Network Access – Lock down unauthorized network connections through Bluetooth, WiFi, NFC, cell network, etc. – by default or during disaster and attack scenarios.
- Control Device Sensors – Enable or disable sensors including microphone, camera, location/GPS tracking.
- Control Communications – Restrict messaging entirely or by app. Block or enable messaging to and from defined numbers.
Clamping down on security during emergency situations may be critical, but day-to-day protection might be even more important. Context intelligent security delivers this while preserving the value of the unit.
Mobile risks are real and growing. Each department must take proactive steps to protect their sensitive data.
Be prepared for any situation with robust mobile security. Contact OptioLabs today.