Last week, GovLoop launched its “Agency of the Future: Guide to Mobile Security in Government”, which you can download here. The guide is packed with fascinating insights from a survey of 255 government employees, including a breakdown of which mobile devices employees use, their ability to download apps on those devices and the degree to which policies and training are present and useful. However, we didn’t include the results of one question:
What threats place you and your agency at the greatest risk when it comes to using mobile devices for work?
Below are the survey results to that question, ranked in order of response:
- Using public wireless networks to complete work with mobile device (44%).
- Downloading applications or content to mobile devices that are used for work (16%).
- Using a personal mobile device for work-related activities (15%).
- Accessing a government-related network while working remotely (9%).
- Being tracked by GPS embedded on a device used for work (6%).
- Using an agency-issued mobile device outside of the office (4%).
Given the fact that most employees zeroed in on the threat created by using public wireless networks to access, it’s worth extracting a quote from our interview with Bradley Nix, Chief Information Security Officer (CISO) at the Agriculture Department’s Food & Nutrition Service, who said that the context where you work is critical:
For instance, when an employee is “sitting on the beach reading email, they are not likely to be as cautious with the communications they receive on their mobile device.” It’s a much different scenario, Nix said, “when you are sitting behind your desk and you’ve got your tie on, sitting up straight in your chair.” Ultimately, agencies need to help people to “understand that they have to maintain that same level of vigilance when they are in these different capacities.”
From our survey results, employees seem to understand the inherent risk in accessing agency information on a public network, but they might be deemphasizing the threat of working outside of their typical duty station. The advice from a leader like Nix is that government employees ought to be careful with all agency data, regardless of its classification level. Public information is often an agency’s greatest asset, and needs to be protected as we move to an increasingly mobile context.
What do you think is the greatest threat to an agency
when it comes to an increasingly mobile workforce?
Again, I’d encourage you to read the full guide. You can find it here: “Agency of the Future: Guide to Mobile Security in Government” or click here to download it now.
SPECIAL THANKS TO OUR SPONSORS:
We also thank Carahsoft and their partners: Symantec, EMC, Adobe, Ironkey, BoxTone, Good Technology and VMWare, for serving as the exclusive sponsors of this guide, underwriting the research and interviews that led to this report.
RELATED RESOURCES:
- GovLoop’s Mobile and Cybersecurity Hubs
- Agency of the Future: Cloud Computing
- Agency of the Future: Customer Service
- Agency of the Future: Open Source
- Agency of the Future: Telework
Want More GovLoop Content? Sign Up For Email Updates
Where is the greater threat, in the office or at the beach? What is the likelihood a hacker will follow me to the beach on the off chance they can get close enough to tap into the wifi signal between my cellular device and my laptop and I also decide to read work emails and they contain anything of value? I certainly hope my agencies enemies are that stupid. It would make defending against them much easier.
Yes, we need to be safe at all times but we also need to use common sense. Using a wifi connection to access business or personal financial information anywhere in an urban environment is risky at best and encryption software is critical. But unless you really do work for a bank or national security agency, reading run of the mill emails on your blackberry at the beach will probably not cause the demise of western civilization as we know it.
Hey Peter – Maybe laptop at the beach is not the biggest risk…so what you would say is compromising agency security most in a mobile society?