WELCOME TO THE CONTINUITY CENTRAL ARCHIVE SITE

Please note that this is a page from a previous version of Continuity Central and is no longer being updated.

To see the latest business continuity news, jobs and information click here.

Business continuity information

NIST releases draft guidelines to secure mobile devices

The US National Institute of Standards and Technology (NIST) has published draft guidelines that outline the baseline security technologies mobile devices should include to protect the information they handle. Smart phones, tablets and other mobile devices, whether personal or ‘organization-issued,’ are increasingly used in business and government. NIST's goal in issuing the new guidelines is to accelerate industry efforts to implement these technologies for more cyber-secure mobile devices.

Securing these tools, especially employee-owned products, is becoming increasingly important for companies and government agencies with the growing popularity—and capability—of the devices. Many organizations allow employees to use their own smart phones and tablets, even though their use increases cybersecurity risks to the organization's networks, data and resources.

Guidelines on Hardware-Rooted Security in Mobile Devices defines the fundamental security components and capabilities needed to enable more secure use of products.

The guidelines recommend that every mobile device implement three security components. These are foundational security elements that can be used by the device's operating system and its applications. They are:

  • Roots of trust, which are combinations of hardware, firmware and software components that are designed to provide critical security functions with a very high degree of assurance that they will behave correctly;
  • An application programming interface that allows operating systems and applications to use the security functions provided by the roots of trust; and
  • A policy enforcement engine to enable the processing, maintenance and policy management of the mobile device.

The authors of Guidelines on Hardware-Rooted Security in Mobile Devices, Special Publication 800-164 (Draft) request comments to improve the draft. The publication may be downloaded from http://csrc.nist.gov/publications/PubsDrafts.html#SP-800-164. Please submit comments by December 14, 2012, to 800-164comments@nist.gov

•Date: 1st Nov 2012 • US/World •Type: Article • Topic: ISM

Business Continuity Newsletter Sign up for Continuity Briefing, our weekly roundup of business continuity news. For news as it happens, subscribe to Continuity Central on Twitter.
   

How to advertise How to advertise on Continuity Central.

To submit news stories to Continuity Central, e-mail the editor.

Want an RSS newsfeed for your website? Click here