The Federal CIO Council’s Federal Mobility Group (FMG) announces release of a draft report that presents in a handy reference guide the best practices and lessons-learned for the use of government-furnished equipment (GFE) such as mobile devices by federal employees on international travel.
The FMG seeks public comment on the new FMG International Travel Guidance for Government-Furnished Mobile Devices report, which outlines the elevated risks tied to the use of GFE mobile devices by government employees during overseas travel and shares best practice mitigations and lessons-learned from several federal departments and agencies. The public comment period extends to the end of December 2021.
As domestic and international travel picks up, GFE mobile devices (e.g., smartphones and tablets) will facilitate government employee work productivity during foreign travel, including remote connections to office enterprise networks and databases. However, the FMG report stresses that government employees traveling to a foreign country or embassy within the U.S. should be aware that because of their portability and always-on state mobile devices are susceptible to compromise, theft, physical damage, and loss.
Use of mobile devices during foreign travel often amplifies these risks. Both government and personal information are at increased risk of compromise, including government and personal user account information, contacts, and application data. Moreover, government employees are often specifically targeted by foreign adversaries seeking to covertly access confidential government data, intellectual property and in some cases a government employee’s personal data.
If a GFE mobile device is compromised while its user is traveling in areas Outside the Continental United States (OCONUS), its camera, microphone, Global Positioning System, functions, and other sensors could be used to eavesdrop on the traveler, steal information, or attack government enterprise IT systems. (In the FMG report, OCONUS is defined as travel to any country or place beyond the continental United States.)
The FMG-developed International Travel Guidance report contains best practices regarding configuration and use of GFE mobile devices to safeguard information, backend enterprise systems, and users while on OCONUS travel. The guidance also explains the various physical and cybersecurity threats to GFE; security procedures travelers should undertake before, during, and upon completion of their travels; and other considerations for federal employees who temporarily travel internationally.
Contributors to the content and development of the new FMG report were the Department of Homeland Security (DHS); DHS Science and Technology Directorate; DHS Cybersecurity and Infrastructure Security Agency; Departments of Defense, Education, Energy, Interior, State and Treasury; General Services Administration; and National Aeronautics and Space Administration.
Click here to download the draft FMG International Travel Guidance for Government-Furnished Mobile Devices report; click here for the public comment matrix. Please submit your comments to firstname.lastname@example.org by December 29th, 2021.