Is mobile security finally getting some respect?

DIG IT AWARD FINALIST: MOBILE

At DHS, software assurance goes mobile

A mobile workforce is emerging faster than many agencies are prepared to handle. But a new mobile security program, developed by the Department of Homeland Security, is proving that reducing the security risks of third-party applications is not such a remote possibility.

Dig IT Award Finalists

The GCN Dig IT Awards celebrate discovery and innovation in government IT.

There are 36 finalists this year. Each will be profiled in the coming days, and the winners for each category will be announced at the Oct. 13 Dig IT Awards gala.

See the full list of 2016 Dig IT Award Finalists

As the use of mobile applications has risen among government employees, so too has the risk of becoming a target of hackers. Thus, government agencies are seeking technologies to help ensure the security of the mobile applications their employees use.

To that end, DHS' Science and Technology Directorate deployed Kryptowire's mobile app software assurance tools, a cloud-based research and development system for assessing risk, analyzing vulnerabilities and archiving mobile applications.

Using the tools, information security professionals can analyze the functional capabilities of and essentially vet third-party mobile applications without having access to source code. In addition, the program enables system managers to act swiftly to enforce agency security policies, including preventing access to files and sensitive data, device sensors, cameras and networks, which is especially critical because "the technology landscape is changing at an ever-faster rate, and the security stakes are becoming higher," said Vincent Sritapan, program manager for mobile security research and development at DHS directorate's Cyber Security Division.

"The mobile app software assurance program has managed to address a real and pressing problem, has transitioned the technology into the hands of agencies…and has also helped make the technology available through the [General Services Administration's] IT Schedule 70 to get it into the hands of those that need it much faster," he said. "We started with a real need and delivered a technology that is commercially viable and best in class."

The project has quickly matured, with DHS headquarters, the department's "Mobile Carwash" effort, Customs and Border Protection and the Federal Emergency Management Agency all working together to share evaluations on mobile applications. Ultimately, DHS aims to make continuous mobile application vetting an automated process for all government agencies.

Note: This article was updated on Sept. 28 to clarify that DHS' Mobile App Software Assurance Research and Development Project and "Mobile Carwash" are separate initiatives.

About the Author

Karen Epper Hoffman is a freelance writer based in the Seattle area.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.