By Rashed Abdel-Tawab, Lead Product Manager, CIS Mobile
When Apple recently announced several new features aimed at curbing the distribution of child sexual abuse material (CSAM), the backlash was predictable. Security experts and privacy advocates alike immediately criticized the technology, which enables Apple to scan photos stored in iCloud for matches against a database of known CSAM.
While Apple eventually decided to withdraw the feature, at least for now, the fact that this capability was introduced in the first place should immediately prompt government customers to ask whether their own employees’ photos (and other sensitive information) are being stored and scanned by big tech companies. Perhaps even more disconcerting is the fact that CSAM scanning apparently has been in use since 2019, unbeknownst to its users.
Consider Android and Google. Given the way in which Apple road-tested CSAM scanning before announcing that it even existed, isn’t it reasonable for government IT administrators to conclude that the majority of government personnel using Android phones are having their documents, photos, and other potentially sensitive information automatically stored to Google’s cloud services?
Add to this the fact that many employees at these government agencies may have simply accepted features such as CSAM scanning, which enable companies like Apple and Google (along with a host of telecom providers, app creators, and others) to collect and track their digital footprints when they first turned on their phone. Information embedded in photos, for example, provides metadata that identifies time, location, and the type of phone that took the picture. This potentially could reveal sensitive information to foreign adversaries, jeopardizing both the phone user’s life and national security.
Where does that leave government IT administrators? Some have responded by completely banning commercial phones on-premises. While this may seem like a completely logical approach, it simply doesn’t work in practice; government employees still need to use devices while working. If Android and other consumer-grade phones are going to be prohibited, workers must be given access to secure, government-issued devices. Unfortunately, such devices:
- Must be custom-built, which typically means they are extremely expensive;
- Take a long time to properly research, design, and produce, which often makes them obsolete by the time they are released;
- Fail to account for the user experience, which makes them difficult for users; and
- Tend to be very different in appearance to standard consumer phones, which potentially could make them – and the individual using them – easy targets for foreign adversaries.
Perhaps even worse, when government agencies implement a policy of replacing consumer smartphones with secure, custom phones, many workers respond by bringing their own personal phones into the workplace along with their government-issued phones. Obviously, doing so completely defeats the purpose of carrying a secure, government device, leaving IT administrators with a real dilemma: either completely prohibit workers from using mobile phones or simply accept the fact that security risks are a way of life.
How then should government IT administrators deal with the delicate balance between security and usability?
First and foremost, government agencies need to determine what needs to be done to modify devices so that they simultaneously are capable of providing a high degree of security and access to the functionality and features which draw consumers to smartphones in the first place. While this is likely to vary somewhat from agency to agency, it typically comes down to ensuring that social media, maps, and other leaky apps don’t communicate when you don’t want them to; providing verifiable control over access to device interfaces and location; and the ability to completely manage all containers, not just the work container, on employee devices.
Much of this can be achieved by devices equipped with a geofenced, policy-controlled setting capable of locking down all radios, cameras, and microphones and preventing use anywhere in, or near a secured facility. By activating this type of secure mode setting, a device can be permitted in designated sites. There, it can safely connect to the internal wired network and function as a useful computing tool, while enabling any data it captures or reveals to be effectively secured.
In addition, government IT administrators must contend with over-the-air software updates, most of which are pushed out by the original equipment manufacturers to devices with minimal administrator control, only allowing deferrals for 90 days. Worse, some updates are deployed without any advance customer notice or approval. This means that beyond the secure mode setting, agencies need a solution that gives them complete control over software updates sent to their devices.
Security, however, doesn’t stop with government employees’ smartphones. Government administrators must also establish a dedicated backend infrastructure that provides operating system control and centralized policy management to control the agency’s devices. This enables zero-touch provisioning of new devices with the agency’s security policies while providing policy updates. Just as important, it allows the agency to independently monitor and control all devices being used, providing real-time visibility of their status, location, security posture, and policy compliance.
Smartphones are here to make our lives easier. And while there’s certainly nobility in companies like Apple and Google developing technology designed to combat the world’s horrors, we should never lose sight of protecting those who protect us by making sure their devices are secure. Government agencies must be ever vigilant when it comes to securing the devices of their mission-critical workers.
Rashed Abdel-Tawab is the Lead Product Manager with CIS Mobile. Prior to this, he served as Lead Android Architect at Copperhead Limited, where he led the development of a secure Android operating system and continues to serve as a director of the LineageOS Project, a multinational open source Android project. Rashed has Bachelor’s and Master’s degrees in Biomedical Engineering. For more information, visit https://cismobile.com/