Defence Technology
European Security & Defence 2015
33
How to use mobile devices in sensitive areas – simple operation leads to higher security (BSC/Computacenter) Nowadays, even the public administ-
Optimum security levels can be ensured with the help of
ration uses mobile devices such as smartphones and tablets.
scalable functions. Authorities may decide whether a particu-
This is not surprising, as these devices support the staff
lar staff member requires smartcard encryption or whether
members in completing their daily work, thus providing signi-
S/MIME with soft certificate is sufficient.
ficant added value. Apart from their comprehensive features,
A mobile application management portal is used for admi-
however, mobile devices also entail certain risks. Thus, it is
nistrating and configuring the app. This allows the IT depart-
crucial to secure official data on these devices without leaving
ment to access all mobile devices of all users. Furthermore,
sight of user-friendliness, though. If usability is poor, users will
as the security software runs on the public authority’s own
look for other ways to access mobile applications – including
infrastructure, it can be integrated seamlessly into the existing
insecure private devices.
public key infrastructure of a public administration.
Sensitive data on mobile devices are at risk as smartphones and tablets may get lost or stolen. Moreover, data communi-
Data protection ensured
cations often take place in insecure public spaces such as airports or trains. Apart from such risks as the loss or theft of
Data is not routed through third-party servers (NOC – Net-
a device or a cyber attack there is another threat: In many
work Operations Centre). SecurePIM runs exclusively on the
cases, private apps like WhatsApp or Facebook access and
servers of the respective public authority, which means that the
read out other applications, e.g. the phone directory. Accor-
data remain under the ownership of the public administration
ding to a survey conducted by the Global Privacy Enforce-
and adherence to German data protection regulations is ensu-
ment Network (GPEN) in 2014, 75 per cent of all apps access
red. In addition, the IT department may easily block access to
at least one sensitive function of the devices. It is recom-
the data in case a device is lost and reinstall the data on a new
mendable to employ so-called security containers in order to
device. The app allows staff members to access all of the im-
protect sensitive data while providing staff members with the
portant official data from anywhere and at any time. This way,
best possible usability. The German software specialist Virtual
intranet applications and the complete document management
Solution AG has developed a security app called ‘SecurePIM’,
procedure are also available in a secured manner.
which acts as a security container. It allows a strict separation of job-related data from private data.
Experienced in IT security
“SecurePIM is the Swiss army knife in the field of enterprise mobility solutions. It provides the functionality of a Personal
Last year, Germany’s Federal Office for Information Security
Information Manager while integrating a secure web browser
(BSI) launched the project “Secure Data Synchronisation Ser-
and offering a secure document management solution. It is a
vice” in order to ensure the secure integration of iOS devices
simple all-purpose tool that combines all business functions
within the infrastructure of the federal administration. Com-
within a single app,” says Dirk Moede, responsible Key Ac-
putacenter won the invitation to tender together with Virtual
count Manager at Computacenter.
Solution. Once implemented, the solution will soon be piloted at selected federal agencies. The BSI has granted preliminary
Official data secured in an app
approval for using SecurePIM in order to bridge the gap until the pilot operation has been concluded.
The security app stores highly-sensitive official data such as
Computacenter has long-term experience with the develop-
government documents, job-related e-mails, appointments or
ment and implementation of mobile solutions within the public
business contacts in a fully impenetrable container. The app
administration. The IT service provider has developed an ap-
can be installed easily, providing high security without restric-
plication called “eAkte2Go” (“eFile2Go”), for instance, which
ting the options for private use by the employees. As usability
allows users to access the contents of the central filing system
itself has evolved to become an integral security feature,
using a mobile device while on the road. Teaming up with
this topic should not be underrated. If users are expected to
Virtual Solution, the IT service provider is developing solutions
use the protected mobile devices of a public authority, user
that allow mobile devices to be employed both in uncritical
acceptance must be ensured.
and high-security fields of application.
