Calming Security Fears

Security issues regarding personal devices on a government network usually concern the downloading of health and human services data and tax-related documents. North Dakota doesn’t yet allow the ability to do so on personal devices. The data the state permits for download onto personal devices, Feldner said, is public record. However, her team still puts strict security protections on these personal handhelds, including special password protection. The devices also can be wiped remotely.

“Since people have their state e-mail on their devices, if they get stolen, we don’t want the culprit sending e-mails from that user’s account,” Feldner said. The application used for this protection wipes the device automatically after someone makes 10 failed password attempts.

Delaware, by contrast, allows sensitive files on personal devices but installs special encryption to keep unapproved eyes from viewing the data. North Dakota uses this sort of encryption on state-issued laptops, which can be used for sensitive files. Although Feldner doesn’t do this for personal devices, she expects to hear requests for it eventually.

As for whether personal gadgets require additional information security personnel for the added work, Feldner said that hasn’t been the case. But it doesn’t mean her security officers are happy about allowing the devices.

“They’re not thrilled because it’s one more thing they have to try to keep ahead of,” Feldner said. “They understand that this is the way the world is moving, so we need to accommodate it and figure out a way to keep things secure.”

Andy Opsahl  | 

Andy Opsahl is a former writer and features editor for Government Technology magazine.