Feeds

GCHQ imposes Whitehall iPhone ban

BlackBerry secures monopoly

Combat fraud and increase customer satisfaction

The image of ministers and their advisors hunched over their BlackBerries is set to become an enduring legacy of the New Labour era, as it's emerged that RIM will maintain its stranglehold on the government smartphone market under the coalition.

A Whitehall iPhone embargo is in place because encryption and electronics experts at the Cheltenham-based eavesdropping agency GCHQ have not so far approved the device for secure official business. Apple-fanciers will have to make do with a BlackBerry.

The effective ban is imposed by the Communications-Electronics Security Group (CESG), GCHQ's most outward-facing unit. Its job is to test the security of communications for all parts of government.

"The only mobile telecoms or personal digital assistant devices that have been issued to Ministers of the Department [of Health] are BlackBerry devices," explained Conservative minister Simon Burns on Monday.

"The Department does not issue Apple iPhones to staff as these are not approved for Government use by the CESG. CESG is the Information Assurance arm of GCHQ which aims to protect and promote the vital interests of the United Kingdom by providing advice and assistance on the security of communications and electronic data."

It's unclear whether CESG has tested the iPhone and found it too insecure, or if Apple simply hasn't sought approval. Neither Cheltenham nor Cupertino is known for openness on such matters.

RIM is meanwhile free to brag about its end-to-end encrypted product and its CESG certification, won in 2006.

Government BlackBerries use Triple DES and Advanced AES for data in transit, and AES to scramble locally stored data. They are assured to communicate official material up to the Restricted level, where a breach is considered undesirable but not damaging to national security.

Not that any phone can be completely immune to security breaches. In 2008 it was reported that an aide to Gordon Brown had his BlackBerry stolen on a visit to Beijing. It is suspected he was the victim of a honeytrap operation by Chinese intelligence after picking up a local woman in a nightclub. ®

SANS - Survey on application security programs

Whitepapers

Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.