GAO Urges Action On Mobile Device Security

Watchdog agency advises private sector and federal agencies to step up efforts to educate consumers against malware, other threats.

Patience Wait, Contributor

September 19, 2012

2 Min Read
InformationWeek logo in a gray background | InformationWeek

10 New Mobile Government Apps

10 New Mobile Government Apps


10 New Mobile Government Apps (click image for larger view and for slideshow)

The Government Accountability Office is calling on federal agencies and telecommunications companies to step up efforts to implement baseline security measures for mobile devices and to do more to educate consumers on the need to protect their devices.

In a new report, the GAO noted that malware attacks targeting mobile devices increased 185% from July 2011 to May 2012, according to Jupiter Networks. Despite the increased frequency of attacks, a 2012 study by mobile security company NQ Mobile and the not-for-profit National Cyber Security Alliance found that two-thirds of respondents had not activated password protection on their smartphones and 30% didn't have other security features.

The vulnerabilities include lack of two-factor authentication when conducting mobile transactions; malware-infected apps and those with unfixed flaws; devices using out-of-date and unpatched operating systems; a lack of security software and firewalls for Internet connections; and the use of unsecured Wi-Fi networks.

There are technical solutions for many of these risks, including passwords and encryption, and consumers can take other steps, such as downloading security software and avoiding public wireless networks for sensitive transactions.

[ Not sure an iPhone is for you? Read 5 Alternatives To The Apple iPhone 5. ]

Federal agencies with responsibility for promoting mobile security include the departments of Commerce, Defense, and Homeland Security (DHS), the FCC, and the Federal Trade Commission, with the Office of Management and Budget providing oversight and guidance within government.

Although federal agencies and telecommunications companies have taken steps to create standards for mobile device security, the scope of their efforts has been limited, and the mobile industry doesn't consistently implement security safeguards on devices, according to the GAO. The agency recommended that the FCC work with wireless carriers and device manufacturers to establish baseline mobile safeguards for the industry and that the departments of Homeland Security and and Commerce establish baseline measures of consumer awareness and behavior.

Cybersecurity, continuity planning, and data records management top the list in our latest Federal IT Priorities Survey. Also in the new, all-digital Focus On The Foundation issue of InformationWeek Government: The FBI's next-gen digital case management system, Sentinel, is finally up and running.. (Free registration required.)

Read more about:

20122012

About the Author

Patience Wait

Contributor

Washington-based Patience Wait contributes articles about government IT to InformationWeek.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights