Appthority, IBM, Kryptowire, Lookout, Mobileiron, and Qualcomm, have joined the National Cybersecurity Center of Excellence (NCCoE) as technology collaborators in the Mobile Device Security for Enterprises project (MDSE).*
In response to a call in the Federal Register, these companies submitted capabilities that aligned with desired solution characteristics listed in the project description. These technology collaborators were extended a Cooperative Research and Development Agreement (CRADA; see example) enabling them to participate in a consortium where they will contribute expertise and hardware or software to help refine a reference design and build an example standards-based implementation.
This collaboration will result in two separate publicly available Cybersecurity Practice Guides (NIST Special Publication 1800 series) that will document different management technologies, each detailing how commercially available technologies can be used to secure mobile devices.
Making Mobile Devices More Secure
While mobile devices can increase organizations’ efficiency and effectiveness, it can also leave sensitive data vulnerable. Built-in mobile protections may not be enough to fully mitigate the security challenges associated with mobile information systems. Usability, privacy, and regulatory requirements each influence which mobile security technologies and security controls are going to be well-suited to meet the needs of an organization’s mobility program.
The MDSE project aims to help organizations across business sectors develop a series of clear and repeatable reference mobile architectures that any organization can adapt and adopt to ease design, accelerate deployment, and build in security for their mobility program from the outset. All products incorporated into the reference design will be standards-based and commercially available products.
The NCCoE worked closely with industry to demonstrate different management technologies, which detail how commercially available technologies can be used to manage and secure mobile devices while supporting two usage scenarios:
- Scenario 1- in which strong data confidentiality is implemented using certified and validated technologies
- Scenario 2 – in which business productivity tools are deployed to mobile users with a variety of risk profiles
Read the full release from the National Cybersecurity Center of Excellence here.