Mattis Mandate Seeking to Ban Mobile from the Pentagon Means We Still have a Ways to Go with Mobile Device Security
02/02/18 15:45
A recent CNN article titled “Exclusive: Mattis seeking to ban cell phones from Pentagon” cites U.S. Secretary of Defense James Mattis as “actively considering banning US military civilian personnel from bringing their personal cell phones into the Pentagon.” The thing that came to mind when I read the first paragraph of this article was all the device security vendors and the years they have spent building mobile solutions that fit into Government workflows while still providing the capability for the user to check his/her Twitter feed at lunch.
The marketplace is still trying to wrap its proverbial arms around BYOD or where BYOD is not allowed and having to deal with carrying around two mobile devices. The latter was made famous in a picture (or, perhaps infamous to us in the mobile security industry) of former President Obama in his limousine with a mobile phone in left hand talking to someone and yet another mobile phone in his right hand in his lap. This image, taken just a couple of years ago, shows that though we’ve come far with our ability to be connected 24/7 with a mini computer, the POTUS had to carry two devices, one secure for work and a separate personal device. The mobile industry still has a long way to go to deliver secure devices at work while we’re connected, for both personal and work use.
Our approach to device security at Redwall is different. Years ago, when we were looking at the problem, we decided that rather than looking at signatures of viruses already in circulation, we’d look at what would keep us from hacking into a device. We took this “offensive approach” to building our Redwall Mobile® solution and sought a solution that would prevent our own white-hat hacker team from compromising a mobile device. Eventually we built a very unique device-hardening solution for smartphones that is installed below the application stack. While malicious operators are building apps disguised as games or productivity tools, our customers don’t have to worry too much because they’re protected below the application layer. In the scenario with Mr. Obama described previously, all he would need is a single mobile device with Redwall Mobile® installed.
Recently, this approach to technology stirred the interest of the U.S. Marine Corps, and we received a SBIR (Small Business Innovation Research) award from them. Clearly, certain parts of the U.S. Government are looking at smart and innovative ways to solve this problem better than merely stating “no more personal mobile devices in the Pentagon!” Furthermore, it remains to be seen what roles will be played by government and vendor community in solving the mobile device security problem. We are certain that Redwall will continue to work with the U.S. Marine Corps on building data security technologies for use in the field and hope that what comes of this collaborative effort might be shared with other branches of our armed forces and perhaps the Pentagon.
The Target breach of 2013, and the Anthem breach of 2015 have put enterprise security on the map and if you are a Security Information and Event Management (SIEM) software vendor, chances are, you’re doing well in 2018. One could argue that our problem in mobile device security is that we haven’t had a Target or Anthem breach attributable to a smartphone that puts a bullseye (pun unintended) on BYOD and CYOD practices. I would be interested in your thoughts on the role of the software vendor community in solving the recent Government security problem written about in the CNN article.
The marketplace is still trying to wrap its proverbial arms around BYOD or where BYOD is not allowed and having to deal with carrying around two mobile devices. The latter was made famous in a picture (or, perhaps infamous to us in the mobile security industry) of former President Obama in his limousine with a mobile phone in left hand talking to someone and yet another mobile phone in his right hand in his lap. This image, taken just a couple of years ago, shows that though we’ve come far with our ability to be connected 24/7 with a mini computer, the POTUS had to carry two devices, one secure for work and a separate personal device. The mobile industry still has a long way to go to deliver secure devices at work while we’re connected, for both personal and work use.
Our approach to device security at Redwall is different. Years ago, when we were looking at the problem, we decided that rather than looking at signatures of viruses already in circulation, we’d look at what would keep us from hacking into a device. We took this “offensive approach” to building our Redwall Mobile® solution and sought a solution that would prevent our own white-hat hacker team from compromising a mobile device. Eventually we built a very unique device-hardening solution for smartphones that is installed below the application stack. While malicious operators are building apps disguised as games or productivity tools, our customers don’t have to worry too much because they’re protected below the application layer. In the scenario with Mr. Obama described previously, all he would need is a single mobile device with Redwall Mobile® installed.
Recently, this approach to technology stirred the interest of the U.S. Marine Corps, and we received a SBIR (Small Business Innovation Research) award from them. Clearly, certain parts of the U.S. Government are looking at smart and innovative ways to solve this problem better than merely stating “no more personal mobile devices in the Pentagon!” Furthermore, it remains to be seen what roles will be played by government and vendor community in solving the mobile device security problem. We are certain that Redwall will continue to work with the U.S. Marine Corps on building data security technologies for use in the field and hope that what comes of this collaborative effort might be shared with other branches of our armed forces and perhaps the Pentagon.
The Target breach of 2013, and the Anthem breach of 2015 have put enterprise security on the map and if you are a Security Information and Event Management (SIEM) software vendor, chances are, you’re doing well in 2018. One could argue that our problem in mobile device security is that we haven’t had a Target or Anthem breach attributable to a smartphone that puts a bullseye (pun unintended) on BYOD and CYOD practices. I would be interested in your thoughts on the role of the software vendor community in solving the recent Government security problem written about in the CNN article.