The report blamed “outdated and overly permissive” policy that “enables nearly unlimited personal use” of the devices. Image: MVelishchuk/Shutterstock.com
The inspector general’s office at DHS has issued an alert to departmental management of “potential espionage, leaks, and attacks from viruses” on mobile devices issued to Immigrations and Customs Enforcement employees, saying that similar issues could apply to other DHS components.
During an audit “we identified thousands of mobile applications installed by ICE employees, contractors, and other DHS agency employees on ICE-managed mobile devices.” That included applications from companies banned from government information systems and applications linked to foreign countries whose identities were redacted.
Although the report—which previously was restricted—did not mention risky applications by name, it characterized them as including text messaging applications with known vulnerabilities; applications related to maps, weather and airlines; file sharing, photo sharing and cloud service applications; third-party virtual private networks; and outdated messaging applications.
“Among other things, these applications introduce the potential for collecting and monitoring user and device information through device sensors such as a camera, microphone, and global positioning system. The applications may also collect and distribute information stored on the device (e.g., photos, videos, and documents), including potentially sensitive information outside the secure containers. This risk is intensified given that some of the mobile applications identified are associated with U.S. government foreign adversaries,” it said.
The report blamed “outdated and overly permissive” policy that “enables nearly unlimited personal use” of the devices and a lack of monitoring because ICE considered them to be personal applications.
It said management agreed with recommendations including that it “require the immediate removal” of risky, unneeded and unapproved applications on devices used by ICE employees and “determine whether similar issues exist for other DHS agencies and take immediate appropriate actions as appropriate.”
The report is the latest in a series on a number of agencies raising concerns about federal information security practices overall and about use of mobile devices in particular.
Key Bills Advancing, but No Path to Avoid Shutdown Apparent
TSP Adds Detail to Upcoming Roth Conversion Feature
White House to Issue Rules on RIF, Disciplinary Policy Changes
DoD Announces Civilian Volunteer Detail in Support of Immigration Enforcement
See also,
How Do Age and Years of Service Impact My Federal Retirement
The Best Ages for Federal Employees to Retire
How to Challenge a Federal Reduction in Force (RIF) in 2025
Should I be Shooting for a $1M TSP Balance? Depends…