Share

Related Links

Top 5 Stories

News

CESG approves BlackBerry Enterprise Solution for ‘restricted’ government information

12 April 2011

The government's technical security advisor CESG has approved the BlackBerry Enterprise Solution from Research In Motion for protecting material classified up to and including "restricted".

Certified under the CESG's CAPS programme, the product provides secure mobile access to resources such as e-mail, contact and calendar information, internet/intranet browsing, instant messaging and back office services and resources, including the use of third-party software and applications.

But Ron Gula, chief executive at Tenable Network Security, says regardless of platform, the main challenge to mobile security is the vulnerability of mobile data.

Mobile technology is often new and rapidly changing, so the potential for spyware is huge and all smart devices will continue to be a constant security concern now and in the future, he says.

"Smart devices entering the workplace represent a combination of opportunity and threat, so organisations must understand the bigger picture of where information rests and flows within the network," said Gula.

The IT network management environment is only going to become more complex and challenging, both internally and externally, he says, so businesses must ensure that they can see what is happening at every moment.

Gula believes the only way to truly protect systems is through comprehensive network visibility.

Although CESG has approved the BlackBerry Enterprise solution for government use, it is on condition that administrators of the system follow CESG security procedures.

Smartphone risk management guide

The CESG has also published a guide on risk management of smartphones by the UK public sector after consultations with smartphone platform providers.

The guidance, however, is accessible only to government employees with secure intranet accounts, according to The Guardian.

The guidance also applies only to lower-risk situations, which cover large parts of the public sector, but is not applicable for data classified "restricted" or above.

According to CESG, the guide covers systems management and maintenance, configuration settings, architectural advice, user education and awareness training, and information on common risks to mobile working.

The guide also highlights where a significant risk remains due either to a lack of technical or procedural controls to reduce it or heavy reliance on procedural mitigation.

The guide covers products from Apple, Microsoft, Nokia and Research In Motion to enable government organisations to choose the platform that best suits their business needs.

This story was first published by Computer Weekly
 

This article is featured in:
Wireless and Mobile Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×