“As federal agencies adopt more mobile devices and ways of operating, government security officials are looking to least-privileged and multi-factor authentication methods of cybersecurity to ensure data protection on mobile phones.”
“Health and Human Services Office of the Secretary CISO Kamran Khaliq spoke on the unique data protection challenges that come with mobile devices during an FCW virtual event Wednesday. One of these obstacles is the variation of sensors on mobile that collect various information — such as camera, motion, location, acoustic or mechanical data.”
“Because mobile devices collect all this sensor data that can be shared with different apps and other devices, Khaliq said approaching data security from a ‘least-privileged’ model is critical.”
“’The intent of that app is to either publish or post or track or monitor something in a business function,’ Khaliq said. ‘If you can minimize the access of that app to only address those particular areas, that would be really the path in terms of managing the least-privileged functions to securely use the apps at the enterprise.'”
“This model also provides guardrails for mobile device users amid potential dangers of downloading malicious apps or security threats in mobile software development…”
“As agencies also embrace zero trust architecture and approaches to security — especially amid the spring executive order to strengthen federal cybersecurity — Khaliq is also looking to strong identity and authentication in safe mobile device security…” Read the full article here.
Source: How HHS is Improving Mobile Security – By Melissa Harris, August 10, 2021. GovernmentCIO.
