Mobile Application Playbook
Page 34 of 39 Office of the Chief Technology Officer (OCTO)
Appendix VIII: DHS S&T Mobile Device Security (MDS)
Overview
Within DHS, OCTO works collaboratively with the Mobile Device Security (MDS) Program within
the Science and Technology Directorate (S&T) to identify and respond to the evolving threats and
security challenges in the mobile space.
Vision of MDS
The Department of Homeland Security (DHS) workforce has become increasingly mobile, driving
the need for secure mobility solutions and a coordinated approach and framework to guide the
selection and implementation of common enterprise mobility solutions. To promote the safe and
secure adoption of mobile technology in DHS and the federal government, the DHS Science and
Technology Directorate (S&T) Cyber Security Division (CSD) within the Homeland Security
Advanced Research Project Agency (HSARPA) created the Mobile Device Security (MDS) Program,
and adopted the following vision to guide its research efforts:
Context
Mobile Technology, recognized as a cornerstone of the 2012 White House Federal Digital
Government Strategy (DGS), seeks to enable “access to quality digital government information and
services anywhere, anytime, on any device.” The DGS acknowledges new and unique security and
privacy challenges must be met to accelerate the adoption of mobile technology into the federal
government. In addressing DGS challenges, interagency efforts resulted in development of security
requirements for mobile computing and identification of major barriers and gaps that impede
mobile adoption. The mobile challenge areas identified were Mobile Device Management, Mobile
Application Management, Identity and Access Management, and Data Protection. Though progress
has been made in these areas, more needs to be done to address current and especially emerging
challenges. Two factors conspire to create the urgent need for secure enterprise solutions. First, the
use of mobile solutions is rapidly increasing across the Department and the federal government.
Secondly, mobile threats present an increasingly common and more sophisticated threat to data
stored or processed on DHS devices. Threats to mobile devices, applications, and data have grown
dramatically in the past few years. A recent analysis of threats1 highlighted several key
developments, including the following. Elements of a Mature Mobile Ecosystem
Malware grew substantially in the U.S., driven by an increase in threats holding
devices and data hostage in exchange for payment (ransomware).
Mobile threat sophistication is increasing. Certain malware has even entered the
marketplace pre-installed on certain devices, indicating a compromised supply