How can Government Ensure their Communications are Secure?
Classified information shared by government officials is highly targeted by hackers and foreign intelligence agencies around the world; making their smartphones and mobile communications – including phone calls, text messages and emails, prime targets.
Foreign intelligence agencies and sophisticated hackers can easily access a smartphone’s communications if not properly secured – and the owner of the phone would have no way of knowing that it was ever compromised. In some countries, such as China, where the government owns the country’s telecommunications network, it becomes even easier to eavesdrop on mobile communications; they can simply intercept the traffic as it crosses the network.
Importance of Securing Government Communications
The importance of securing mobile communications of government officials cannot be understated. A recent example of embarrassing intercepted communications is the Democratic National Convention (DNC) email disclosures, where damaging emails were leaked causing significant political damage.
Securing Government Organization’s Mobile Communications
Government organizations need to ensure mobile devices are secure and cannot be tampered with, as well as the data that flows to and from the devices. In order to properly secure a smartphone, the phone requires several security measures including:
- Although it may be obvious, it bears mentioning – a strong password or fingerprint to access the device and all applications and data.
- Mobile device hardware encryption – ensuring the device, all applications and data are encrypted except when unlocked with the strong password or fingerprint. All major mobile operating systems include encryption options, which may need to be enabled.
- End-to-end encryption to secure data in transit – including phone calls, text messages and emails – to ensure the data is only accessible by the initiator and intended recipient of the conversation and can never be intercepted.
- Unique telecommunications infrastructure to block the collection of phone metadata by network operators. Encrypting communications alone may not be sufficient depending on the nature of the conversations and the networks that have access to them. Metadata (including who you are having a conversation with, the length of the conversation, the date and time of the conversation, etc.) is never encrypted. Government organizations may require their own telecommunications infrastructure to ensure only the organization has access to the metadata.