Mobile Risk Mitigation for our Nation’s First Responders

Posted By: Traci Knight, Office of Emergency Communications

The Department of Homeland Security (DHS) Office of Emergency Communications (OEC) promotes comprehensive physical and cyber risk management for emergency communications and is proud to present two new best practice documents to support the first line of cyber defense—the end user.  OEC’s Mobile Device Adoption Best Practices Guide and Mobile Application Adoption Best Practices Guide are designed specifically for first responders using, or considering use of, mobile devices and applications and should be used in conjunction with any policies that organizations may have already established.

Next-generation mobile devices, also known as “smartphones” or “tablets”, and mobile applications, known as “apps”, are enhancing responder safety, informing incident management, enabling mobility, and improving productivity. The list of device examples is growing rapidly and will likely soon include in-car head units, wearable devices, and a litany of Internet-connected machines.  Mobile devices are improving public safety response and easing the burden of first responders. Yet, use of these devices and the apps running on them can pose substantial risks to public safety and their networks.

Organizations already benefit from government-developed and distributed devices and apps, but will also need to understand how to contend with commercially-developed products efficiently and securely to support their operations.  The proliferation of mobile devices and implementation of network policies such as Bring-Your-Own-Device require strong authentication, data encryption and consistent policies and configuration guidance.  Even if an organization chooses not to adopt commercial apps as part of their core support, it is likely that their users will use them to augment government-sponsored devices.  Pursuing actions provided in OEC’s Best Practice documents can improve the mobile cybersecurity posture of an organization:

Mobile Application Adoption Best Practices Guide

• Reviews risks associated with mobile applications
• Encourages users to work with their command staff/IT support to ensure secure adoption
• Provides guidance on the selection and use of any mobile application

Mobile Device Adoption Best Practices Guide

• Reviews risks associated with mobile devices
• Encourages users to work with their command staff/IT support to ensure secure adoption
• Promotes fundamental security practices (For example: use of a PIN and avoiding unfamiliar networks)

The MAPS Program (Mobile Application for Public Safety), the program under which these best practices are released, was established to promote consistent security, functionality and performance best practices in the development and adoption of mobile applications and devices. More information on the MAPS program can be found at www.dhs.gov/maps.  Organizations pursuing mobile application development, either in-house or through third parties, may also be interested in the First Responder Mobile Application Development: Best Practices Guide.  Additional information and resources are available through DHS OEC, please contact DHS_MAPS@hq.dhs.gov for support.