Tag: mobile security regulations

Mobile security guidelines released by White House

This announcement was made in line with the one year anniversary of the Digital Government Strategy.

Officials from the White House have just announced a number of new initiatives and resources that it is making available, including guidelines for mobile security, which are meant to help to boost the vision of the administration to allow access to government information, in a secure manner, on any device and at any time.

Digital Government Strategy U.S. CIO Steven VanRoekel made the announcement regarding these brand new initiatives.

He said that they are meant to help to maintain the building that is occurring on the foundation of accomplishments that have already been achieved over the last year by the Digital Government Strategy. Within a joint statement, federal CTO Todd Park, and VanRoekel announced that a government wide set of mobile security guidelines have been published by the White House Office of Management and Budget.

The guidelines also offer a baseline of standard mobile security requirements for federal agencies.

White House  - Mobile Security GuidelinesFurthermore, beyond those requirements for computing, it also includes a federal agency mobile computing decision framework, and a reference architecture for mobile security. These new documents are meaningful not only because they provide a standard for government agencies and industry for the development of products that can be used more safely on government networks, but also because of the active roles in development that were played by the National Institute of Standards and Technology, the Department of Defense, and the Department of Homeland Security.

VanRoekel explained that “This work … really sets the foundation in place for the next phase of federal computing.” He also went on to add that “The future for us is one where mobile is the default computing platform.”

This announcement was made closely on the heels of an approval that the government gave to iPhones and other iOS based devices based on their ability to pass the mobile security requirements throughout a lengthy and exhaustive testing process. The federal government has also released a new catalog for developers that is made up of more than four hundred machine readable government data sets.

Mobile security improvements sought by bill to allow users to delete data

Mobile Security appThis proposed regulation would allow smartphone users to ask apps to delete their information.

U.S. Representative Hank Johnson (D-Georgia) has proposed mobile security legislation that would make it possible for smartphone users to be able to request that apps cease the collection of their personal data, and that they delete information that has been previously collected about them.

The American lawmaker has released a discussion draft for the change to the current law.

The release was made regarding the Application Privacy, Protection, and Security Act. This proposed bill would require mobile security measures to be taken by all apps, in that they must provide their users with notice about the data that they collect, and they must receive consent from those users before they will be permitted to collect any personal information.

This mobile security proposal would also allow the users to control the information being collected or held.

Beyond simply requiring permission to collect the personal information in the first place, this mobile security measure would also make it possible for users of apps to be able to tell the developer that they will no longer be using the app and that they wish the collection of their information to stop. This would mean that the developers would not only need to cease the collection of the data, and would also have to delete any personal data that has already been collected “to the extent practicable”, said the discussion draft.

Rep. Johnson used the AppRights.us website in order to solicit ideas for the mobile security and privacy bill that he wanted to propose. The website was initially launched in July 2012. He explained in a statement that “Because the majority of the feedback that we received on AppRights expressed strong support for user control, transparency, and security, we incorporated these principles into the bill.”

He also added that “Many of you also told us that simple mechanisms are important to protecting your privacy on mobile devices.” He went on to say that after he had heard the concerns that were raised, he was able to write provisions that would address them in a way that would provide increased mobile security, without threatening the integrity or functionality of the “apps that you love.”