Policy Opens the Door for Smartphone Use in Classified Settings

SFIO CRACHO/Shutterstock.com

Mobile devices will still be banned from facilities where highly classified information is shared.

National security officials may soon have more leeway to use phones and other mobile devices in secure spaces where officials work and share sensitive information, according to a directive released this month.

Any use of mobile device in secures spaces will have to first undergo a battery of policy reviews, however, according to the binding directive issued by the interagency Committee on National Security Systems.

Mobile devices will still be banned from secure compartmented information facilities, or SCIFs, which are effectively black boxes where officials share and discuss highly classified materials.

The directive also bans employees’ personal mobile devices from secured spaces except for rare carve outs, such as when firefighters or other public safety workers are responding to an emergency at a secure space.

The government generally bans mobile devices from secured spaces because of the danger that a foreign intelligence service could hack into them and listen in through the microphone or observe through the camera.

Under the new policy, national security officials will have to justify why allowing mobile devices inside a secure space will aid their mission and conduct security and risk reviews that include adopting extra protections and countermeasures to mitigate security risks.

Officials must also review security credentials for specific brands of mobile devices allowed into secure spaces, including examining their supply chains, and configuring them to the highest security standards. Officials using the devices will have to hand them over to security staff regularly to verify they’re properly patched and updated.

“The [cognizant security authority] may disallow the introduction and use of a mobile device in one secure space but allow the introduction and use of the same mobile device in another secure space, based on the CSA's risk determination,” the directive states.

The Committee on National Security Systems is led by the Defense Department and includes members from 20 other departments and agencies, including the Homeland Security, State, Commerce and Treasury departments and intelligence agencies.