General document | Using Mobile Platforms for Sensitive Government Business

Abstract

Mobile platforms such as smartphones are becoming increasingly popular for both personal and commercial use. When the data being stored and transmitted by these devices is sensitive this can introduce a host of security issues, some of which are discussed in this report. A summary is provided of existing practices for the use of mobile devices with sensitive information, in both governmental and business contexts, and emerging technologies for improving security are reviewed. Finally, some recommendations are offered for policymakers interested in increasing the role that mobile devices are allowed to play within the Australian Public Service and elsewhere.

Executive Summary

This report investigates the issues and risks that are involved when mobile platforms, such as smartphones, are used for conducting sensitive government business. The objective of this work is to develop fresh but well researched perspectives on the manner in which these devices may be used without compromising security, so that policymakers within Defence and elsewhere in Australian government can be better informed when making decisions. The report offers specific advice on how smartphone policies and research efforts may be adjusted to improve smartphone utility in government, better protect confidential information and save on certification costs.

A range of general security issues associated with smartphones are discussed. Additional issues are also identified that arise in specific usage scenarios, namely the traditional corporate technology paradigm where the organisation owns and administers the device and the bring-your-own device paradigm. Some of the known smartphone vulnerabilities are outlined, along with the threats that may exploit these.

A survey of current and emerging smartphone technologies is presented, with a focus of technology for improving smartphone security or facilitating the integration of employee-owned smartphones with corporate or government systems. This survey includes a review of smartphone technology certified for use within the Australian government.

Existing policy and practice for professional smartphone use is reviewed and critiqued, considering the experiences of private industry, the United States Government and the Australian government. Finally, some suggestions are made for how Australian government policy could be improved to provide better utility for professional smartphone users within government, whilst minimising the security risks. Based on technology which is currently available, this report recommends that the present policy of certifying popular commercial smartphone operating systems and allowing users to use personal devices for professional purposes should be reviewed, in favour of forcing users to use a government owned smartphone with a certified hypervisor operating system. Such a system provides secure separation of a number of different enclaves on the phone, which the user may switch between. The advantage of this is that there can be several professional enclaves on the phone, each administered by the organisation and at its own individual classification level, with the operating systems installed and configured by the organisation’s information technology staff (e.g. a previously certified operating system such as Windows Mobile). Moreover, there can also be a personal enclave running an operating system of the employee’s choice (e.g. Android), which is fully controlled by the employee and which can become compromised without affecting the security of the other enclaves or the privacy of any sensitive information stored on them.

Some suggestions are also made for areas worthy of future research. In particular, it is recommended that head-mounted audiovisual displays be investigated as a means for allowing the private use of smartphones in public. As an extension of this, it is also proposed that a trusted input / output device be developed, which can allow a user to interact with remote applications on a secure government network, over a virtual private network connection through a personal smartphone and the Internet service provided by the carrier (both of which may be considered to be untrusted).