Is anyone’s information safe if the Army falls short in data security?
Following the path of companies world wide, the Army has been advocating the use of mobile devices. This military division in particular is a government leader in adopting the mobile trend.
“Army deputy CIO Mike Kreiger characterized the Army as ‘pushing the envelope and moving fast’ in its mobile strategy as he announced an Army plan to move toward a bring-your-own-device strategy in 2013,” according to an InformationWeek article.
Unfortunately, according to the report conducted by the Department of Defense (DoD) inspector general, the Army CIO has failed to properly develop data security policies for mobile asset management (MAM).
The report warned the lax restrictions and data security policies will make the Army more susceptible to cybersecutiy threats. If remained insecure, DoD assistant inspector general Alice Carey noted “malicious activities could disrupt Army networks and compromise sensitive DoD information.”
Limited to Android, iPhone and Windows mobile devices, the report handled by the DOD inspector found that devices were, in fact, connecting to Army networks and storing sensitive information, contrary to the Army CIO’s allegations. As a result, inadequate data security applications were set in place.
The inspector general visited the U.S. Military Academy and the Army Corps of Engineers’ Engineer Research and Development Center. The report found that neither of these two organizations was authorized to use or test a substantial percentage of their mobile devices.
More than 600 mobile devices were being utilized, tapping into “sensitive legal information” and classified Army email, without the permission or awareness of the Army CIO!
Data security has become one of the major road blocks in widening mobile device usage across the federal government. A bring your own device (BYOD) program has even been at a stand still until privacy concerns can be resolved.
If the Army wishes to continue improving its mobile presence, proper data security actions must be improved and complete compliance by all parties with Army CIO and inspector general standards must be in place.