by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
FCW : February 2013
Mobile users In addition to understanding where mobile security vulnerabilities lie, IT managers must grasp how people use their smart phones, Dilts said. "Even if you re a government or commer- cial or enterprise user, you have to realize that the mobile device is a consumer device, and the consumers and the users of those devices will use them as a consumer device while accessing business work as well," he said. And as use rises, so will the potential for trouble, such as viruses, worms, spyware, theft, loss, data communication interception, exploitation, data leakage and a direct attack. Despite the security challenges, many gov- ernment agencies are failing to address them, Dilts said. Reasons for inaction include: - place beyond just Band-Aids. systems. devices. Rules vary across departments. data plans and manpower. An all-inclusive solution To address all those concerns, AT&T s Chief Security Office is looking to a single answer. "Mobile security --- you can t protect it just by buying it out of a box," Dilts said. "You can t just go buy a mobile client, stick that on the device and expect that mobile application to handle all the security. It can t do it on its own." Additionally, protections need to be auto- matic, not left up to users to implement, he said. "When you put a solution in place, it needs to be something that s not complicated to the end user," Dilts said. "It needs to be almost in-line and unrecognizable to the end user, so they go about their business and something watches the traffic and protects them in-line while it s happening." The common denominator that will solve a majority of mobile security concerns is the network, AT&T s research has found. The company s Mobile Security Strategy and Platform are based on that notion. The approach is three-pronged: network. The technical areas that AT&T s mobile security tools address are the device, which means built-in security; registration and authentication; network-based control; and classifying endpoints. When a user registers a device, the network acknowledges that it exists and is clean and the user is authenticated. Then the device is ready for use and will be checked automatically for malicious code via, for instance, URL filtering. "All of those things happen without the device doing anything other than just connect- ing up to its resource," Dilts said. The strategy is tied to AT&T s Managed Trusted Internet Protocol Service, a platform designed for government customers wire-line needs. Applied to mobile networks, potential benefits include real-time virus, malware and malicious application protection; protec- tion from threats delivered via SMS, MMS, Bluetooth, Wi-Fi, 2.5G, 3G, 4G, infrared or desktop sync; and blocked access to known malicious sites. Other benefits to the AT&T mobile security client include the same design across operat- ing systems and automatic protection after a single-click device registration and a single- click user authentication. "You notice the users don t have to put in passwords and e-mail addresses and these things," Dilts said. "The advantage of doing that as well is that we keep personal data out of the application." AT&T Toggle is another solution for addressing the bring-your-own-device (BYOD) arena. This means that an agency can protect work-related information on employees per- sonal phones through the use of containers that enable access to enterprise resources while leaving the user s other operations untouched. The concern is that the open side of the device could get bogged down with malware and spyware that interfere with the container side s usability. Toggle eliminates that worry by monitoring the device holistically to ensure it s not crowded with malware. "By deploying this in a BYOD scenario, it s actually to the user s advantage to have some kind of security controls," Dilts said. Toggle works with almost all carriers, devic- es and major operating systems, and it supports smart phones and tablet PCs. Moving forward As government agencies work to define mobile users abilities and implement security measures, the important thing for IT manag- ers to remember is that applying Band-Aids can only get you so far, Dilts said. They must understand the challenges at a granular level and make educated choices. "We see a lot of people just throwing money at solutions for the sake of doing something," he said. "It s always good to make a step in the right direction, but you need to make sure that direction is correct." SPONSORED CONTENT www.att.com/gov/mobile constant, clear solutions that are available, that are easy to manage, and that actually go after the threats and events and things that you want to control.'" -- Rodney Dilts, director of network-based security in AT&T s Chief Security Office
March 15, 2013