U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

NIST SP 800-124 Rev. 2 (Initial Public Draft)

Guidelines for Managing the Security of Mobile Devices in the Enterprise

Date Published: March 2020
Comments Due: June 26, 2020 (public comment period is CLOSED)
Email Questions to: 800-124comments@nist.gov

Author(s)

Joshua Franklin (NIST), Gema Howell (NIST), Vincent Sritapan (DHS), Murugiah Souppaya (NIST), Karen Scarfone (Scarfone Cybersecurity)

Announcement

Today mobile devices are ubiquitous, and they are often used to access enterprise networks and systems to process sensitive data. This draft guideline assists organizations in managing and securing mobile devices against the ever-evolving threats. To address these threats, this publication describes technologies and strategies that can be used as countermeasures and mitigations. Draft SP 800-124 Rev. 2 also provides recommendations for secure deployment, use, and disposal of mobile devices throughout the mobile device life-cycle. The scope of this publication includes mobile devices, centralized device management, and endpoint protection technologies, while including both organization-provided and personally-owned (bring your own device) deployment scenarios. 

NOTE: A call for patent claims is included on page iv of this draft.  For additional information, see the Information Technology Laboratory (ITL) Patent Policy--Inclusion of Patents in ITL Publications.

Abstract

Keywords

enterprise mobility management (EMM); mobile; mobile device management (MDM); mobile security; smartphones; tablets
Control Families

System and Services Acquisition