Improvements Needed With Tracking and Configuring Army Commercial Mobile Devices

Abstract

Our objective was to determine whether the Department of the Army had an effective cybersecurity program that identified and mitigated risks surrounding portable electronic devices (PEDs) and removable media. Specifically, at the sites visited, we verified whether Army officials appropriately tracked, configured, and sanitized PEDs. Additionally, we determined whether the Army used authorized removable media on its network. For a discussion on scope and methodology, see the Appendix. Considering the broad definition of PEDs 1, we limited our review to commercial mobile devices (CMDs) running on the Apple iOS, Android, and Windows mobile operating systems. In addition, we excluded BlackBerry devices because the DoD OIG issued a report on September 25, 2009, Controls Over Information Contained in BlackBerry Devices Used Within DoD (DoD IG Report No. D-2009-111). Furthermore, our review focused on the use of CMDs as removable media and the removable media within the CMDs.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Mar 26, 2013
Accession Number
ADA575353

Entities

Organizations

  • Office of the Inspector General, U.S. Department of Defense

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Computers
  • Cybersecurity
  • Department Of Defense
  • Electronic Mail
  • Information Assurance
  • Information Systems
  • Mobile Application Software
  • Mobile Devices
  • Mobile Operating Systems
  • Mobile Phones
  • Network Protocols
  • Operating Systems
  • Smartphones
  • Tablet Computers
  • Training
  • United States
  • United States Military Academy

Readers

  • Cybersecurity.
  • Defense Financial Management and Audit.

Technology Areas

  • Cyber
  • Microelectronics
  • Microelectronics - Microelectromechanical Systems