Over the past few years, the use of wireless data devices, such as the BlackBerry unit by Research In Motion (RIM), has greatly increased within the federal government. The need for accessing email remotely has been the primary market driver for this growth, although device-to-device communications have also been a significant contributor. Nevertheless, the surge in wireless email usage is not yet pervasive among the majority of federal mobile workers. This limited usage is influenced by the lack of coverage, the cost of the extra device, the associated airtime, the limited security offered, the current form factor, and ease of use. However, new developments are ongoing that will greatly reduce these limitations to help spur wireless email, Web access, device-to-device communications, and a wide range of other applications.
This report provides an overview of some of the key issues that need to be addressed when sending or receiving sensitive data via a commercial wireless carrier and during the planning and the deployment of wireless remote access to enterprise data. It includes the analysis, guidelines, and recommendations for securing data transmitted using wireless terrestrial and satellite WANs operated by commercial service providers. The intended audience is U.S. Department of Defense (DoD) and federal government security and information technology (IT) professionals with minimal knowledge of wireless networks. Although much of the report is applicable to voice communications as well as data, only the securing of data is directly covered. The report complements the National Institute of Standards and Technology (NIST) Special Publication 800-48 Wireless Network Security: 802.11, Bluetooth and Handheld Devices document researched and published under a Cybersecurity and Information Systems Information Analysis Center (CSIAC) delivery order in September 2002.