Libraries and APIs attached to even official applications can be a conduit for security problems. Here's how to cover your tracks.
The Executive Office of the President recently issued Memorandum 19-17, “Enabling Mission Delivery Through Improved Identity, Credential, and Access Management,” which provides digital identities guidance and processes around authentication and access control. At the same time, the Defense Information Systems Agency (DISA) announced it’s exploring new authentication programs aimed at securing network perimeter endpoints, such as mobile devices, via hardware attestation and continuous multifactor authentication (CMFA) tied to biometric and contextual factors, according to Breaking Defense.
These latest moves point to a larger wave of federal activity aimed at shoring up defense and civilian agency networks. They also underscore why it’s more critical now than ever to adopt the most stringent connected device security policies, especially as agencies embrace more modern digital infrastructures and adopt new technologies as part of the push toward IT modernization.
Simply put, without the right data protection policies in place, federal personnel will be limited in their ability to take advantage of the benefits of mobile, cloud-based and other emerging solutions designed to ease the business of government, enhance productivity and, ultimately, deliver on agencies’ missions and promise of improved services to the American people.
Implementing Standards and Best Practices
Never before has there been as much momentum behind deploying security solutions that can both address risk management and provide an enhanced user experience. Security Technical Implementation Guides (STIGs) were developed to help mitigate security vulnerabilities, eliminate insider threats and secure IT infrastructure to support the Department of Defense (DoD) and other federal agencies in this new digital era. STIGs provide configuration standards for Information Assurance (IA) and IA-enabled devices and systems, critical to preventing malicious attacks on networks and systems.
Transform Your Tactical Operations With Mobility
Discover how DoD is deploying mobile technologies to enhance and streamline tactical operations. Download Now
Samsung recently received STIG approval for the Galaxy S9, tested in collaboration with DISA. The Samsung STIG enables agencies to innovate faster by providing enhanced security and manageability, usability without compromising security compliance, and ease of deployment by harmonizing with Android via application programming interfaces (APIs) and controls. Whether supporting tactical operations in the battlefield or enhancing workforce productivity in the office, STIG approval gives agencies the confidence they need to pursue new mobile use cases — from special operators using smartphones for situational awareness to flight line crews using tablets to maintain aircraft and ensure always-on mission readiness.
Creating a Forum for Ongoing Discussion and Innovation
Samsung held its inaugural Government STIG Stakeholder Workshop on June 4 at the Samsung Solution Center in Washington, D.C.
The event convened a community of government stakeholders representing 17 agencies to source feedback on the new STIG and glean insights from the audience. Participants, representing every branch of DoD, discussed how to shorten the process to STIG, learned how Samsung’s solutions portfolio is uniquely suited to solve federal agencies’ most pressing mission challenges, and heard from Samsung executives and industry experts about how the latest updates deliver maximum data and information security protection.
Samsung will continue to invest in collaborative forums like the annual STIG day, hackathons and other events designed to foster dialogue between industry and government, address the emerging challenges facing agencies and end users, and drive new solutions tailored to meet unique case-by-case needs. Stay tuned to Insights as we deliver on the promise of new device features and capabilities, achieve additional government certifications, and launch future events where industry and government can come together to innovate.
Explore Samsung’s government technology solutions, which are helping agencies maintain a strong security posture to support ongoing digital transformation initiatives.