by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
FCW : July 15, 2013
QWhy is centralized mobile security integral to an agency s overall enterprise security strategy? One interesting observation is that mobile device tra c is treated di erently, even though people are accessing the same data and other resources that they access today from their desktops or laptops. e key re- quirement is to adopt a central- ized set of policies and controls. A lot of the security solutions for mobility are stand-alone solutions, whether it s a mobile device management or anti-virus software. And it may be hit and miss because of the di erent operating systems on mobile devices, which have di erent issues. It doesn t have to be that way: You can have a solution that looks at security holistically from an organizational point of view. Q What are the essential elements of a mobile device security policy? A What is essential is that you must develop policies that are consistent with what you are doing on the desktop and other devices. You need to have the same kind of rules where you block or allow certain things across di erent access points to your organization s network. ere are some freedoms that mobile device users take for granted. For example, they expect to access Facebook on a mobile device, even though that is not allowed on the enterprise side. But organizations should be consistent, whether it s a desktop, laptop, smartphone, tablet or other mobile de- vice. You need a written policy that lets people know in advance that they should or should not be able to do something. Q How can agencies provide adequate mobile security without overburdening users? One of the most important components of a mobile security policy is authentication -- being able to log in with a single sign-on, whether it s using biometrics, two- factor authentication, or some other secure means. You need a streamlined authentication method so that em- ployees don t have to go through four or ve gates to get to where they want to go. at was one of the issues with mobile devices and identity management methods in the early years -- they were very complicated. But things can be simpli ed if people look at the front-end authen- tication side of it before they implement solutions. QWhat are the primary security concerns that arise with bring-your-own-device (BYOD) initiatives? A ere are so many di erent applications that ask for permission to access your contacts list, le systems or SMS messaging function. ose applications, whether they are games or business apps that people download, introduce vulnerabilities on the data side of the device, such as malware. BYOD devices are more susceptible because they are personal devices rst and the organiza- tion s second. So you have to make sure those devices are free of malware before you allow them access to systems, and you need to provide continuous auditing or some kind of checks and balances, just as you do with PCs. Q How can agencies reduce the complexity of managing the mobile security environment? A e rst thing is to keep it simple. Don t make your ad- ministrative burden too complicated by allowing and enabling too much. For example, if you pick speci c de- vices or operating systems that you will support, it will reduce your overhead downstream in terms of the people who have to answer the help desk calls and the patches and applications that must be updated. e second thing is to recognize that there is no harm in asking for help. At AT&T, we have very experienced mobility security teams, both on the consulting and on the implementa- tion side. e mobile ecosystem changes frequently, so you have to have a set of tools and a partner that can adapt and help you improve your security posture. A A Don't take mobile security for granted Miles Mendenhall Director, Security Technology, AT&T Services Sponsored Content For more information from AT&T, go to www.att.com/gov/protect
June 30, 2013
July 30, 2013