Many organizations have already invested significantly in projects that support mobility. The Center for Digital Government (CDG)’s 2021 Digital Cities and Digital Counties Surveys found that on average 85% of city respondents and 75% of county respondents are using location services, native mobile apps and text message/SMS channels. As organizations move forward with mobility, they should consider compute and storage capacity, end-to-end security, service design and delivery, and application rollout. Another important strategy is to have multiple options, so the organization can adjust to cost changes and inflationary pressures that could impact targeted business outcomes. Learn how your agency or municipality can move toward mobility in Carahsoft’s Innovation in Government® report.
Driving Innovation with Mobility
“It comes down to identity and Zero-Trust concepts. Strongly authenticating someone and having confidence in their identity is especially important as organizations work with sensitive or private information. Organizations need to consider how users move through sensitive data from a strong authentication and authorization standpoint. That brings us to Zero- Trust development models. How do you architect to create a safe landing space for people to come in and then traverse into legacy systems where critical information is stored? How do you set up safe, well-orchestrated and known boundaries, so employees and the public don’t have challenges when they try to access data? That’s critical in your systems.”
Read more insights from Red Hat’s Chief Architect and National Technology Adviser, Kevin Tunks.
Mobilizing Your Enterprise Securely
“The first challenge is education — understanding what mobile app security means; what the risks are; and what tools, techniques and processes should be employed. The second challenge is determining whether to build the program internally or leverage third parties. Setting up your own program and building a security team to do things like continuous testing, penetration testing, security analysis and supply chain risk management is costly and complicated. Most agencies are turning to commercial off-the-shelf packages or managed service providers that scan and vet mobile apps. Doing so provides instant intelligence on what security risks might live in those mobile apps, so organizations can decide whether to allow them.”
Read more insights from NowSecure’s Chief Mobility Officer, Brian Reed.
Addressing Today’s Mobile Threats
“A lot of Zero-Trust conversations today revolve around validating identity and making sure that a person is who they purport to be. However, if their device has a malicious payload when they’re granted network access, then all we’ve really done is identify that they were the source of the attack. We believe that when you validate the person’s identity, you must simultaneously do device attestation to validate the integrity of their device. Only then should the person be granted access to that particular resource or infrastructure. You can’t say you have Zero Trust if you haven’t attested the device. The two go hand-in-hand.”
Read more insights from Zimperium’s Vice President for Public Sector, Jim Kovach.
Moving from Mobile-First to Mobile-Only
“Organizations must secure all devices that process enterprise data. It’s important to look past “industry standard” protections of yesterday and embrace newer technologies that employ AI and machine learning to provide smarter, quicker and lighter-weight ways of protecting assets. In addition, it’s best to implement mobile-first architectures, 5G (as well as the anticipated 6G release) and cloud architectures simultaneously with their non-mobile infrastructure counterparts. Non-negotiables include yearly penetration testing, programs to review and test third-party applications within agency environments, and securing mobile devices as strongly as desktops. It’s also wise to ensure the security posture of cloud environments is equivalent to on-premises environments. Of course, securing data in transit and at rest is essential. Finally, end-to-end security can’t take a back seat to appeasing users’ demands.”
Read more insights from the BlackBerry Sales Engineering team.
Download the full Innovation in Government® report for more insights from these mobility thought leaders and additional industry research from GovTech.
