What Makes a Secure Phone?
CIS offers a secure mobile platform that addresses the rampant supply chain problems in the mobile industry and puts effective controls in the hands of IT administrators.
What does it take to make a phone secure? To start, you need a healthy dose of skepticism about what the industry is selling you. A smartphone is a sophisticated software platform. Where is all that software coming from? What does it do? Who is controlling it? If you can’t answer those questions, your device may not be as secure as you think.
All of the commercial smartphones available today are designed around monetizing information about their users, even the phones with NIAP certifications. It is not only applications like Facebook that collect user data. The operating systems in commercial smartphones send user data, location, call and SMS information back to servers at Google, Apple, the phone manufacturer – and even 3rd party advertising affiliates.
For any sensitive government deployment, one should use phones that don’t have pre-installed apps, don’t send information to 3rd parties, and have operating systems that can be reviewed and controlled.
Our recommendations for secure phones are as follows:
- Hardware-backed Bootloader. Most smartphones contain a hardware root of trust designed in by the OEM, which is the initial step in booting the phone. The hardware trust mechanism is used to validate that the next stage to be loaded has a verified and trusted digital signature.
- Verified Boot Procedure. The boot procedure verifies the authenticity and integrity of each successive step in starting the phone, which ensures the operating system running on the phone has not been modified unexpectedly.
- Operating System Controls. The operating system directly controls access to device services – radios, cameras, microphones, and other sensors – so it can also be used to gate access to them. Trustworthy implementations must demonstrate they can ensure complete control over the designated functionality, preventing user applications and 3rd party services from using them without authorization.
- Policy Management on system controls. There are a variety of use cases for secure smartphones, so a platform that can be easily redefined to suit the organization’s needs is essential. Hard-coding specialty solutions for each deployment is expensive and time-consuming. For operational efficiency, policies should be manageable through a customer-controlled policy management system that can apply changes to devices already in the field.
- Security Update System. A secure mobile platform must be capable of pushing regular security updates to the user’s smartphone to keep them safe from emerging vulnerabilities. Ideally, for operational efficiency, these should be distributed from the customer’s management system using an over-the-air secure update mechanism.
- Control/Disable 3rd Party Tracking. Smartphones based on iOS and Android have extensive user data collection systems built-in that collect information about user activities, contacts, applications, location, calls, texts, and other data. This information is sent to 3rd parties without the user’s knowledge or proper notification. Typical smartphones send data packets to 3rd parties 40-50 times per hour. A secure solution should prevent this tracking to avoid risk to government users and their sensitive data.
If you’re asking whether your organization’s smartphones are secure enough, then you are asking the right questions.
Give us a call to learn about altOS, a platform designed for true secure government communications.