DHS Aims to Turn Mobile Devices into No Phishing Zones

The Homeland Security Department and 16 other agencies are upgrading their mobile device security.

Phishing attacks remain the bane of information security specialists and missionsacross government, and as they advance in sophistication, the Homeland Security Department is attempting to better protect against them.

This week, DHS’ Science & Technology Directorate announced it will make use of an update to San Francisco-based Lookout, Inc.’s Mobile Endpoint Security platform. The update was funded in part by a series of cutting-edge mobile security contracts DHS S&T funded last September.

According to DHS officials, the phishing protection update offers security beyond the detection of attacks through SMS messages. The system monitors and prevents attacks that hide inside mobile applications, social media messages and in personal or work email messages. In addition, it inspects any outbound connections at the network level and alerts users—and administrators—in real-time if connections are harmful.

“These advancements in mobile threat defense will protect sensitive data, such as personally identifiable information, on mobile devices and enterprise networks and greatly increase the security of the federal government’s mobile systems for mission-critical activities,” said S&T Mobile Security Research and Development Program Manager Vincent Sritapan, in a statement.

“These new capabilities will alert device users, mobile enterprise administrators and security personnel to a wide range of mobile threats and allow them to remediate those threats and protect sensitive data from being compromised through mobile devices.”

Lookout’s updated platform will be available for iOS and Android operating systems immediately to 150 million consumer devices worldwide, as well as those issued by 17 federal customer agencies, including DHS. The widespread availability of Lookout’s updated phishing protection could be key for federal employees, one-third of whom conduct agency work on personal mobile devices, according to a recent Government Business Council survey. GBC is the research arm of Nextgov publisher Government Executive Media Group.

“Phishing is still the number one way to attack any endpoint, so to have anti-phishing capability on mobile device is key for the government,” Bob Stevens, vice president of Lookout’s public sector business, told Nextgov.

Stevens said the granularity of Lookout’s solution is what makes it stand out. Lookout’s application is able to flag when other applications do things like export contact lists overseas.

“Having a presence on the device gives you that type of advantage, you don’t have to backhaul all the traffic that is happening,” Stevens said.