NIST Seeks Comments on Draft Mobile Security Guidance

July 25, 2019

NIST’s National Cybersecurity Center of Excellence (NCCoE) is seeking industry comments on its newly released draft guidance for corporate-owned personally enabled (COPE) mobile devices.

Mobile devices bring unique threats to the enterprise that need to be addressed in a manner distinct from traditional desktop platforms, NIST says. This includes securing against different types of network-based attacks on devices that generally have an always-on connection to the internet, malicious or risky apps that compromise the data that devices can access, and phishing attempts that try to collect user credentials or entice a user to install software. Additionally, the guide addresses how to reduce risks to individuals through privacy protections.

NIST’s National Cybersecurity Center of Excellence and its industry collaborators built an example solution demonstrating how organizations can use a standards-based approach and commercially available technologies to meet their security and privacy needs for using mobile devices to access enterprise resources.

The NIST Cybersecurity Practice Guide demonstrates how organizations can use standards-based, commercially available products to help meet their mobile device security and privacy needs.

The guidance was drafted in collaboration with several security stakeholders including Palo Alto Networks, Lookout, Kryptowire, and Qualcomm, among others. NIST is accepting industry comment until September 23, 2019.

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Security Magazine

2020 October

This month in Security magazine, we explore how Corning's global security group ensured business continuity and employee safety during the global COVID-19 pandemic. Also, we highlight the global security team at Uber and their recent security programs and initiatives. Industry experts discuss travel safety programs, career hackers, working for terrible bosses, group attribution error and more.

View More Create Account

NIST Seeks Comments on Draft Mobile Security Guidance

Related Articles

Report Abusive Comment