The New York Times recently published an article They Stormed the Capitol. Their Apps Tracked Them. The article describes how law enforcement use leaked cell phone location and personal data to group and identify the individuals that invaded the US Capitol Building.
Unfortunately, those same techniques can be used against government workers’ mobile devices, jeopardizing their safety overseas or working from home due to COVID. Adversaries such as nation-states, organized crime, and terrorists routinely carry out profiling and digital surveillance that target government workers.
Existing mobile enterprise tools can reduce vulnerabilities from leaky consumer mobile devices but not prevent them. For example, enterprise tools such as Mobile Device Management (MDM), Mobile Threat Detection (MTD), Virtual Mobile Infrastructure (VMI), mobile Virtual Private Networks (VPN), and mobile app vetting work to mitigate the layers of privacy issues above the mobile device’s Operating System (OS). However, these tools cannot address issues within the OS itself – those are the baked-in data monetization efforts by the OEM vendors and their business partners. If the endpoint OS has vulnerabilities, it undermines the protection of data in transit and data at rest of all apps and enterprise tooling built upon it.
CIS Mobile focuses on protecting government workers’ safety by delivering a US-built, clean, and fully inspectable version of the device OS. One that prevents tracking and data exhaust but retains compatibility with existing apps, enterprise tools, network, and cloud infrastructure.