ICE’s Device Management Policy Leaves Agency Prone to Cyberthreats, DHS Watchdog Says

The Department of Homeland Security’s Office of the Inspector General said the U.S. Immigration and Customs Enforcement’s “outdated and overly permissive” device management policy leaves it prone to cyberthreats.

According to the OIG’s spring audit, ICE allows personnel to use their government-issued gadgets for “nearly unlimited” personal use. The oversight body found that employees were able to install applications from companies banned on government systems, software associated with U.S. adversaries, third-party virtual private networks, outdated messaging applications and other products that compromise ICE’s security.

ICE is currently updating mobile device policies, blocking banned apps and patching and removing vulnerable software, Nextgov/FCW reported.

The U.S. government at large is tightening measures to ensure that devices are protected from threats.

In late October, the National Security Agency issued a cybersecurity information sheet that recommended ways to help agencies and their partners assess devices and ensure that they implement zero trust cybersecurity for gadgets. Earlier in the month, the Food and Drug Administration required medical device producers to ensure that internet-connected products are equipped with security measures that can fend off malicious actors.