Navigating the 'unholy' matrimony of mobile and cloud

 

Connecting state and local government leaders

Mobile computing and the cloud, which each have their own security concerns, have become inseparable.

Chief information security officers (CISOs) are increasingly faced with pressure to adapt existing security paradigms and practices to facilitate emerging technology revolutions that fuel business innovation and citizen services. This is exemplified by the rise of smarter mobile devices with access to corporate data driven by the explosion of consumerized IT and the confluence of cloud-delivered services. As a result, a new framework for the underlying security model must be established in order to securely enable essential enterprise/citizen interactions.

Mobility and cloud computing are so intertwined that separating the two in the context of ubiquitous electronic transactions is difficult at best. This is based on the fact that accessing a cloud requires a device. Increasingly, that device is mobile and is quickly transitioning from laptop or netbook to tablet or smart phone.


Related:

The grace period on mobile security is over


Employees in both the public and private sectors are quickly realizing that smart phones and tablets rival the computing power of traditional PC-centered devices. Offering feature-rich, better-designed user interfaces and built-in support for wireless connectivity, these devices have become the mobility devices of choice for technology users. Despite the richer and better-designed user interfaces, the main functionality and core processing for these devices typically takes place in the cloud. This wasn’t always the case since first-generation mobile apps contained all the functionality in the application itself, requesting data from the back-end service.

Fortunately, the federal government historically has taken a more conservative and risk-averse stance to technology adoption than the private sector, which has largely shielded federal CISOs from the onslaught of "bring your own device" (BYOD) clarion calls. Conversely, private-sector CISOs have had to upgrade, if not completely overhaul, their corporate security program and policies to facilitate the transformative and business-enabling effects the explosion of consumerized IT and cloud-delivered services require.
 
The harsh realities of today’s technology-rich business environment is that the network boundary is truly ubiquitous, extending to the palms of employees carrying mobile devices as well as in the cloud. CISOs must soon accept that the time of the legacy hardened perimeter-based security architecture model is history.

So how then should government CISOs look to secure the mobile cloud? Unfortunately, there are no easy answers, no quick checklists and no cookie-cutter approaches. There are, however, some basic truisms that should be included in the core underlying framework:

• Secure access provisioning. Easy access to the right data/applications/information at the appropriate authorization levels needed by employees to do their jobs.

• Robust security and privacy at both the endpoint and within the cloud in order to enforce corporate policy on both device and cloud infrastructures.

• Device agnostic approach. The flexibility to support more than the latest "flavor of the month" smart phone technology.

• Trusted Internet Connection (TIC). For private cloud offerings, some federal agencies will enforce accesses to traverse their TIC or corporate infrastructure. The option exists to facilitate connectivity from anywhere.

• Government cloud (“Gloud”). Shared infrastructure and/or leveraging the buying power of government through the lines of business model.

• Trusted identities. Integration with varying multi-factor authentication mechanisms.

• Security Assessment and Authorization (SA&A) reciprocity. Assess once, use many with the need to only assess risk acceptance.

In the end, government CISOs must transform existing legacy hardened perimeter-based security architectures to support secure access provisioning, robust security and privacy at both the endpoint and the cloud demarcation points, while providing flexibility to support the range of mobile devices employed by today’s users.

As if security practitioners weren’t already faced with abundant security challenges from these respective technological advancements, the “unholy” matrimony of the two further exacerbates the challenge of ensuring adequate corporate protections while not impeding the transformative effects of these technologies on the government innovation landscape.

 

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.