Government Employees Struggle with Mobile Device Security

Sue Marquette Poremba
Slide Show

Ten Approaches to Protecting Mobile Data

Several dozen people of my acquaintance have security clearances of varying levels for their jobs. All of them have commented or complained about the restrictions involved with their clearances, mostly regarding their cellphones.

Mobile devices within government have long been a tricky issue. Some of the first high-profile breaches involved lost laptops and government agencies. And you may remember then President-elect Obama fighting to keep using his BlackBerry, which the Secret Service and other agencies deemed as a serious security risk.

A new survey from Mobile Work Exchange shows that perhaps the concerns about mobile device use within government agencies are spot on. The study, “The 2014 Mobilometer Tracker:  Mobility, Security, and the Pressure in Between,” finds a gap between policies and government secure mobility behaviors, with 41 percent of the respondents putting their agency at risk.

On the surface, it looks like the government workers are taking the right security steps. Eighty-six percent lock their computer when away from their desk, and 78 percent make sure they store files securely. But that’s in the office and using their desktop computers. The problem comes when they move to their mobile devices. For example, 31 percent of respondents said they use public Wi-Fi, while 25 percent said they don’t use passwords on mobile devices for work. The survey also found that a quarter of the respondents have not received any kind of mobile security training.

Here was a statistic that put into perspective just how serious this lack of security is. The survey revealed that 6 percent of government employees admit their phone was lost or stolen. Six percent is a pretty low number. But that 6 percent equals 3500 federal workers. Now think of the data to which federal workers have access. This is a serious security risk.

But, the most eye-opening figure comes at the end of the survey. People who work for federal agencies do a much better job with mobile security practices than those in the private sector. For example, although 15 percent of government employees have downloaded a non-work-related app on their work device, 60 percent of private sector employees have done the same. Why the difference? I do not know. Perhaps it goes back to those security clearances and the restrictions they put in place or it may be that the government has put policies in place where private industry has not. Even so, government agencies still have a long way to go to create a secure environment for mobile devices, but obviously, private sector has an even longer haul.

Add Comment      Leave a comment on this blog post
Jan 20, 2014 6:45 PM Bob Hobson Bob Hobson  says:
One of the most common causes of data getting in the wrong hands is the loss of mobile devices that often contain a frightening amount of private information. I want to share a protection option that worked for me. Tracer tags let someone who finds your lost stuff contact you directly without exposing your private information. I use them on almost everything I take when I travel after one of the tags was responsible for getting my lost laptop returned to me in Rome one time. You can get them at Reply
Jan 24, 2014 9:46 AM Maia Aguirre Maia Aguirre  says:
Article scratches the surface, but the problem is so far and wide, and the majority of decision makers do not understand the far reaching consequences and capabilities of a mobile device breach. Everyone is busy talking mobile device management solutions, but very few people are discussing the need for physical security requirements in secure or classified spaces. Just as Obama demanded access to his blackberry, many high levels are doing the same; and they are bringing a potential spy into secure spaces. Many of the regulations on paper are antiquated and insufficiently address the issues at hand. There are regulations stating that mobile devices must be stored in a secure container, yet there are no tech specs for said container and no approved products lists. I could put my phone in a cardboard box, and technically, I'd be compliant. The gov't has appointed tiger teams, advisory committees, etc., yet allows cameras, video & audio recorders into secure spaces. Forget Snowden, imagine what information someone could be gathering this very moment with their mobile device: pictures, conversations, presentations. And this doesn't even touch the surface of RF roving. Reply

Post a comment





(Maximum characters: 1200). You have 1200 characters left.



Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.