Security News > 2023 > November > ICE faces heat after agents install thousands of personal apps, VPNs on official phones

"Specifically, we found mobile device management issues that put ICE mobile devices - and potentially other mobile devices demonstrating similar issues - and sensitive data at greater risk of potential espionage, leaks, and attacks from viruses," wrote Inspector General Joseph Cuffari in a redacted report [PDF].

While we don't know which of these naughty-list apps auditors found on ICE employees phones, it's probably safe to assume one of the offenders was TikTok - banned from US federal government staff and contractors' devices because of espionage concerns, due to the influence the Chinese government can exert over Beijing-based parent ByteDance.

The Feds are, too ICE data dump reveals names, locations of 6,000+ asylum seekers How ICE became a $2.8b domestic surveillance agency.

After discussions with the OIG regarding user-installed applications on a very small number of mobile devices used by US Immigration and Customs Enforcement, ICE swiftly took action to remedy all identified vulnerabilities in June.

ICE employs a multi-tiered digital security posture to protect ICE data which includes mobile device management software to control what a device can and cannot do, use of a 'secure container' on all mobile devices to house and protect ICE data, a mobile application management solution to protect and manage ICE applications outside the secure container, and a mobile threat defense capability to continuously monitor the behavior of all third-party applications downloaded to an ICE mobile device to protect ICE data.

At all times, ICE had visibility of the actions and behavior of third-party applications on ICE devices.

News URL

https://go.theregister.com/feed/www.theregister.com/2023/11/06/ice_device_security/