Some agencies spending 90-percent of IT budget on legacy systems — report
October 21, 2016
Some agencies are spending 90 percent or more of their IT budgets on operations and maintenance, the report released last week found.
David Stegon was a staff reporter for FedScoop and StateScoop from 2011-2014.
The National Institute of Standards and Technology released draft guidelines for securing mobile devices and is requesting comments through December 14.
The draft, "Guidelines on Hardware-Rooted Security in Mobile Devices," defines the fundamental security components and capabilities needed to enable more secure use of products.
"Many current mobile devices lack a firm foundation from which to build security and trust," said NIST lead for hardware-rooted security Andrew Regenscheid, one of the publication's authors. "These guidelines are intended to help designers of next-generation mobile phones and tablets improve security through the use of highly trustworthy components, called roots of trust, that perform vital security functions."
On laptop and desktop systems, these roots of trust are often implemented in a separate security computer chip that cannot be tampered with, but the power and space constraints in mobile devices could lead manufacturers to pursue other approaches such as leveraging security features built into the processors these products use, he said.
The NIST guidelines are centered on three security capabilities to address known mobile device security challenges, including device integrity, isolation and protected storage.
To attain the security capabilities, the guidelines recommend that every mobile device implement three security components that can be used by the device's operating system and its applications.