Date Published: March 2020
Comments Due:
Email Questions to:
Author(s)
Joshua Franklin (NIST), Gema Howell (NIST), Vincent Sritapan (DHS), Murugiah Souppaya (NIST), Karen Scarfone (Scarfone Cybersecurity)
Announcement
Today mobile devices are ubiquitous, and they are often used to access enterprise networks and systems to process sensitive data. This draft guideline assists organizations in managing and securing mobile devices against the ever-evolving threats. To address these threats, this publication describes technologies and strategies that can be used as countermeasures and mitigations. Draft SP 800-124 Rev. 2 also provides recommendations for secure deployment, use, and disposal of mobile devices throughout the mobile device life-cycle. The scope of this publication includes mobile devices, centralized device management, and endpoint protection technologies, while including both organization-provided and personally-owned (bring your own device) deployment scenarios.
NOTE: A call for patent claims is included on page iv of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy--Inclusion of Patents in ITL Publications.
Mobile devices were initially personal consumer communication devices but they are now permanent fixtures in enterprises and are used to access modern networks and systems to process sensitive data. This publication assists organizations in managing and securing these devices by describing available technologies and strategies. Security concerns inherent to the usage of mobile devices are explored alongside mitigations and countermeasures. Recommendations are provided for deployment, use and disposal of devices throughout the mobile-device lifecycle. The scope of this publication includes mobile devices, centralized device management and endpoint protection technologies, while including both organization-provided and personally owned deployment scenarios.
Mobile devices were initially personal consumer communication devices but they are now permanent fixtures in enterprises and are used to access modern networks and systems to process sensitive data. This publication assists organizations in managing and securing these devices by describing available...
See full abstract
Mobile devices were initially personal consumer communication devices but they are now permanent fixtures in enterprises and are used to access modern networks and systems to process sensitive data. This publication assists organizations in managing and securing these devices by describing available technologies and strategies. Security concerns inherent to the usage of mobile devices are explored alongside mitigations and countermeasures. Recommendations are provided for deployment, use and disposal of devices throughout the mobile-device lifecycle. The scope of this publication includes mobile devices, centralized device management and endpoint protection technologies, while including both organization-provided and personally owned deployment scenarios.
Hide full abstract
Keywords
enterprise mobility management (EMM); mobile; mobile device management (MDM); mobile security; smartphones; tablets
Control Families
System and Services Acquisition
) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)
