DoD adopts guidelines for securing mobile apps

The Mobile Technology Tiger Team — a group formed under the Federal CIO Council — has released a standardized protection profile for mobile application development, providing a baseline of security controls for agencies building their own mobile apps.

The new government-approved common criteria for evaluation and validation — released through the National Information Assurance Partnership — acts as a roadmap during the development process. Engineers work through the schema, selecting the desired functionality and applying the associated security frameworks.

Resource: Protection Profile for Application Software Version 1.1

"The ultimate goal is to make it easier and safer for agencies to develop and use mission-critical applications on smartphones or tablets," according to Rob Palmer, MTTT co-chair and acting deputy director of the Enterprise System Development Office at the Department of Homeland Security.

The Defense Department and DHS have agreed to adopt the standards for all future app development. The Defense Information Systems Agency developed a DoD annex for defense systems, which includes added protections and references to DoD-specific regulations.

Read the full report at

Recommended for you
Around The Web