June 23, 2020
The Increasing Need for Mobile Security in U.S. Federal Agencies
Recently, in partnership with Meritalk, Lookout conducted a survey to get a better understanding of how federal cybersecurity managers think of their agency’s mobile defense posture. What we found was rather encouraging – the appetite for mobile security is increasing as agencies recognize the vulnerabilities introduced by telework and mobile devices. Mobile security is now an imperative. I’m encouraged to see mobile security and zero trust come to the forefront of federal security priorities.
The challenge presented by telework and personal devices
The recent shift to telework has exposed something that has been happening for a while now – employees are accessing sensitive data through their personal smartphones and tablets while they’re outside the protective perimeter of the office. Mobile devices are now the center-piece of many employee’s security and productivity workflow.
According to our survey, 97 percent of security managers say their workforce uses mobile for multi-factor authentication, application access or data access. For many public sector employees who previously had always performed their job in an office, the computer they use is typically a desktop machine and not a laptop. With telework, there has been an increase in the use of tablets by employees that did not have a laptop computer.
85% of federal cybersecurity managers agree mobile work increases the risk of cyber threats to their agency’s data. See this infographic to get a breakdown of the survey Lookout conducted in partnership with MeriTalk.
Security managers who responded to the survey seem to understand that, while tablets and smartphones boost productivity, they also come with security challenges. 85 percent of the respondents agree that mobile devices for telework increases the risk of cyber threats and 75 percent are more concerned about their mobile security posture today than they were three months ago.
The solution: Mobile endpoint security
So with the traditional perimeter security no longer effective, how do you protect your agency’s data? 81 percent of managers surveyed said that mobile security is essential. I completely agree. Mobile endpoint security is the only solution that can protect you from the full range of threats your agency’s mobile devices are facing.
Many organizations believe that if they have mobile device management (MDM) in place, they’re protected from mobile threats. This is not true. MDM solutions provide management functions, but they lack comprehensive threat protection. You need mobile security for real-time visibility into app characteristics and to protect against device, app, network and phishing threats.
Zero Trust: Not all solutions are equal
Something everyone needs to understand is that not all mobile security solutions are created equal, and according to our survey, 78% of agency managers agree with me. Comprehensive security needs to adhere to a zero-trust model.
What that means is that all devices seeking to connect to agency data should not be given access until it is free of compromise. Mobile devices can be compromised by vulnerabilities in operating systems, in applications or in networks. A zero-trust solution will ensure a mobile device is free from those vulnerabilities by constantly monitoring its health, and restrict access to agency data when the risk profile changes for the worse. This approach has gained a lot of momentum in recent months, including through initiatives like NIST’s Zero-Trust Architecture Draft.
Find a solution that works for you
The use of tablets and smartphones for government telework will only increase in the future. It is crucial that agencies protect these devices with mobile security. As you search for a mobile security solution, make sure it integrates seamlessly with your MDM and that it adheres to a zero-trust model.
As a trusted FedRAMP JAB P-ATO certified mobile security provider, Lookout recognizes the need to secure government mobile devices in a telework world. Find out more about how Lookout can strengthen your agency’s cybersecurity posture by visiting https://www.lookout.com/industries/federal-government
Book a personalized, no-pressure demo today to learn:
Discover how adversaries use non-traditional methods for phishing on iOS/Android, see real-world examples of threats, and learn how an integrated security platform safeguards your organization.