Report: French ministers told to install Android sandbox if they want to use smartphones
Ministers have been reminded to use only smartphones with an approved security device to discuss sensitive information
By Peter Sayer | Published: 15:52, 13 September 2013
French Prime Minister Jean-Marc Ayrault warned government ministers this summer that they and their staff should only use approved smartphones to discuss sensitive matters, a French magazine has revealed.
For matters classified secret, Ministers and government officials should use a feature phone called Teorem from French aerospace and defence equipment manufacturer Thales, Ayrault's chief of staff told his counterparts in the various ministries in a letter dated Aug. 19 and published by the magazine l'Expansion this week.
Teorem is a hybrid device compatible with public landlines and with 2G or 3G mobile networks. It exchanges keys via a central server in order to authenticate itself and encrypt transmissions -- but it can only communicate with similarly secured devices, and it won't run apps or exchange email. The government has ordered 14,000 Teorem phones, half of them for the armed forces, according to Thales.
Not all ministerial discussions are secret, but most should at least be considered sensitive, and for those, only landlines or smartphones with a security system approved by the French National IT Security Agency (ANSSI) should be used, the letter said.
ANSSI has approved no smartphones to date, according to lists of certified and qualified security systems on the agency's website, but it has approved a software add-on for Android phones and tablets called Teopad, also from Thales. Teopad creates separate partitions for personal and business information, securing access to the business information and apps using strong authentication, and using a VPN to secure communications with those apps. It can also secure voice communications via a secure SIP server using SIP-TLS, according to Thales documentation.
Ministers and their staff in neighboring Germany use a similar system to secure their communications. The German system can secure voice and data communications over public networks, and secure up to 4GB of data at rest, on BlackBerry Z10 smartphones equipped with an additional security chip from German encryption specialist Secusmart. The company takes advantage of the BlackBerry Balance feature in the latest version of BlackBerry OS to separate secured and non-secured information and applications.
As well as his warning about smartphone use, Ayrault's chief of staff told government officials not to store sensitive data in cloud services outside France, and not to use personal email services or SMS to discuss sensitive matters. The letter also reminded them of the "elementary rules of security," including guidance on the creation of strong passwords, and warnings about phishing attacks and the dangers associated with USB memory sticks.
Peter Sayer covers open source software, European intellectual property legislation and general technology breaking news for IDG News Service. Send comments and news tips to Peter at firstname.lastname@example.org.