Security Protocols for Government Issued Mobile Devices (PQ Reply by SMS Janil Puthucheary)

Security Protocols for Government-Issued Mobile Devices

Fourteenth Parliament of Singapore – Second Session for the Sitting on 9 May 2023

Question

Mr Gerald Giam Yean Song asked the Prime Minister (a) whether all Government-issued mobile devices used by civil servants and political office holders are pre-installed with device management application (DMA) and antivirus software; (b) if so, how does the Smart Nation Digital Government Group (SNDGG) ensure that sensitive information passing through these devices does not fall into the wrong hands; and (c) if not, how does SNDGG ensure that only approved apps are downloaded, only appropriate websites are accessed and only malware-free email attachments are opened on these devices.

Answer

Oral reply by Dr Janil Puthucheary, Senior Minister of State for Communications and Information and Minister-in-Charge of GovTech (for the Prime Minister)

Mr Speaker, Government-issued mobile devices are secured through technical controls and policies on appropriate use.

Technical controls include the installation of Mobile Device Management software, which allow for remote removal of data from compromised devices. Connectivity to the Government network must be done via a virtual private network.  Emails are screened by a security application that blocks emails containing suspicious attachments. As a policy, such devices cannot be used to process and store highly classified information that may cause serious damage to national interests.

We also educate public officers through regular training so that they are aware of cybersecurity risks, including rogue apps or spoof websites.  As members will appreciate, cyber risks can never be fully eliminated. We will implement appropriate safeguards while enabling officers to be effectively supported with IT tools.