Because of both the valuable data they hold and the widespread havoc that can be caused, utilities and public safety agencies are vulnerable targets for bad actors. A cyber attack on a utility or public safety agency can mean exposure of highly sensitive personal or confidential information, disruption of critical services, and reputational harm. Cyber threats come in the form of phishing, Denial-of-Service (DoS) attacks, malware that can spread into organizational servers and devices, and spoofing attacks (eavesdropping and traffic analysis). These are very real risks, but you can protect mobile devices from cyber threats.
When outfitting your utility and public safety crews with mobile devices, it is important to consider security from several angles including securing hardware, software, and connectivity.
Optimize your hardware and software security. The device hardware should be locked down tightly. When you procure mobile devices, make sure they use hardware-rooted security in the central processing unit (CPU). This ensures that every time the device is booted up, it happens in a trusted state to prevent malware from tampering with the system and attacking at the firmware level. In secure hardware, as the operating system launches, the system should monitor every step in the process to ensure that everything happens normally. If it detects something wrong, it should shut down the unit. Does the hardware have virtualization-based security (VBS)? That isolates any authentication functions from the rest of the operating system to protect logins from attack.
Other security solutions to look for include:
Drive encryption: OPAL SSD is a solid-state drive that gives users the choice of using hardware-based encryption. BitLocker, a Windows-based option that protects data, also offers enhanced protection. Both help protect identities, prevent access to unverified code, and defend against firmware-level attacks.
Hardware-based encryption: This method uses a chip on the drive to encrypt all data, decrypting it only upon positively identifying a user. It also measures the link to the unique identifier of a particular mobile device.
Authentication, specifically multi-factor authentication, which requires users to provide an additional identifier beyond a password like a facial pattern, smartcard, or fingerprint before allowing access to device or application.
Trusted Platform Module (TPM) – usually integrated in the form of a chip – verifies that the platform has not been subject to any tampering and provides a way to store passwords, certificates, and encryption keys. It can also detect unauthorized configuration changes made by malware and block access to affected applications.
Asset tracking software can keep track of a mobile device’s location, status, and recent system hardware and software changes. If the device is lost or stolen or its hard drive gets wiped or replaced, the software can automatically install itself. The software may also have a kill switch that renders the device unusable and wipes sensitive data.
Software-based encryption essentially scrambles data so it cannot be interpreted by hackers. You’ll need a device with a powerful chipset as this uses a significant amount of memory and CPU cycles.
Mobile Device Management (MDM) and Enterprise Mobile Management (EMM) software solutions allow management to implement consistent security policies across all devices, lockdown functionality remotely, monitor and limit access, track assets, and protect data via remote data wipes.
Mobile-specific VPN which can encrypt data at rest and in transit, be configured to allow only certain apps to run, and restrict the sites users can access online.
Access Point Name (APN) security which unlike a VPN creating a network over the internet, is a gateway provided by a telecommunications carrier that enables users to connect to the Internet via the carrier network.
Newly launched Panasonic TOUGHBOOK® devices offer secure-core hardware with many of these features built in to help you combat security risks. Pearl Solutions Group is a Panasonic Prime Partner, helping you source and implement TOUGHBOOK devices and certified accessories. Click here for more information about mobile security solutions or a free demo of the new TOUGHBOOK devices.