Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

CDM DEFEND: Going Mobile

How the CDM DEFEND plan for adding and securing mobile devices will help government agencies improve visibility and security.

Going Mobile” was a hit song for the British rock band “The Who” in the early 1970s. Celebrating a transient lifestyle, the song captured the public’s imagination because, at the time, society was generally immobile; people were tied to single towns, jobs, and friends and family who rarely ventured far from home.

Fast forward to 2018 and mobility has become the norm. “Telecommuting,” remote work and frequent travel are all part of our daily routines. This mobility brings unique security challenges because we are never traveling alone – we want all of our devices with us and require instant access to the applications we can’t live without.

The Department of Homeland Security (DHS) Continuous Diagnostics & Mitigation (CDM) Program Office, which is responsible for securing the entire Federal enterprise, has had concerns about the mobile challenge for some time. Now that five of six CDM DEFEND task orders have been awarded (the sixth, Group F, is expected in 2019), the program can focus more on mobility. The DEFEND task orders require awardees to improve visibility and security in the mobile environment.

The CDM DEFEND plan for adding and securing mobile devices is to develop a partnership approach. In order to meet current standards, Federal agencies have been deploying enterprise mobile solutions, or Mobile Device Management (MDM) platforms. Although it is not the answer to all mobile device security concerns, MDM represents a significant enhancement to mobile device security.

The CDM DEFEND mobile device management process

The CDM Program Office envisions the awardees first ensuring their MDM meets or exceeds CDM-compliant security benchmarks. Once that is accomplished, DHS, through the CDM DEFEND Request for Service (RFS) process, will partner to integrate Federal agency mobile security solutions into the overall CDM scheme. The MDM data will eventually flow up to the CDM Agency Dashboard, providing a more complete picture of the agency’s security posture by including the ever-growing number of mobile devices.

More than any other technology area, the mobile security challenge is complicated by the ways different agencies handle mobile. Some agencies standardize on a single platform, while others offer different handset and connection options to meet the needs of their various component sub-agencies.

“Bring Your Own Device” (BYOD) introduces challenges of non-standard hardware, operating systems and applications. Without vigilant security solutions in place, mobility increases the attack surface, widening the Cyber Exposure gap of the entire agency enterprise. The overarching goal of the DHS CDM Program Office is to overcome security challenges of the federal enterprise. By adding visibility to the hardware, software, configuration and vulnerabilities of mobile assets, these four areas in the original CDM program will increase cybersecurity across the Federal spectrum. The CDM PMO plans to accomplish this in a step-by-step, programmatic fashion:

  • Complete assessments of agency mobile device management practices
  • Produce analyses based on best practices and standards in use among federal agencies
  • Perform gap analyses and driving to close critical gaps
  • Normalize the cybersecurity data from mobile assets to be incorporated with the rest of CDM data bound for the Dashboards
  • Add processes to the CDM program reviews, ensuring systems remain current and effective

Will CDM affect the effectiveness of mobility solutions? Possibly, depending on the security solutions the agency chooses. Tenable’s SecurityCenter Continuous View (SC CV) enterprise platform develops vulnerability assessments based on the information in the MDM platform; not directly connecting to the mobile device. Other CDM tools may use MDM data or require agents on the mobile device itself. Tenable took this approach to limit any effect on the device, the enterprise and the user. By leveraging the robust capabilities of their already-installed Tenable SC CV platform, agencies can add “goin’ mobile” to their list of successful CDM efforts.

To learn more about how Tenable, and its flagship CDM platform Tenable.sc Continuous View, can help your Agency improve its security posture, please visit us at: https://www.tenable.com/data-sheets/maximize-outcomes-for-cdm-and-much-more-with-securitycenter-continuous-view.

Related Posts

Subscribe to the Tenable Blog

Subscribe
Try for Free Buy Now

Try Tenable.io

FREE FOR 60 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

$2,190.00

Buy Now

Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 60 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578.00

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 60 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security