Ditch your personal phones, use govt hardware for state secrets instead, French ministers told

The French prime minister’s office has issued a note instructing all ministries offices employees not to use consumer mobile devices when dealing with classified and sensitive data.

In the wake of the NSA revelations , senior French government figures are being told to abandon personal devices and consumer hardware and to only discuss sensitive matters on government-provided mobiles.

Read this

PRISM fallout could cost US cloud industry billions, warns Europe's digital chief

US cloud service providers could miss out on business from EU firms because of anger of US government surveillance programmes, warns the EU's digital chief.

Read More

The memo written last month by Christophe Chantepy, director of the French prime minister's office, was intended for government ministers and ministry staff, and calls on them to abandon consumer hardware.

In the circular, revealed by the French magazine L'Express on Wednesday, he highlights that classified information must be discussed only using the Toerem smartphones made by French company Thales.

According to L'Express, almost 2,300 of the Teorem smartphones are already in use in the ministries of defence, justice, interior, finance, and foreign affairs. The Thales group also offers a security product for Android devices, Teopad, which obtained first-level security certification from Anssi, the French government IT agency, in June, although it's not yet certified for use with classified data. 

The circular adds that sensitive data must "when possible, remain hosted on the national territory; be only exchanged between devices equipped with relevant security systems" and "be encrypted when exchanged on insecure networks like the internet".

Moreover, Chantepy insists that sensitive and classified information should not be exchanged using consumer smartphones that operate "without a security system certified by Anssi", and that "the use of personal IT equipment should be banned for dealing with sensitive data". 

In the circular, Chantepy doesn't explicitly mention the recent revelations regarding NSA's PRISM programme as a reason for the increased security. He claims "several IT security breaches" have occurred over "recent months" and that the Anssi "will soon release an IT security policy" to flesh out the circular. 

Patrick Pailloux, general manager of Anssi, took a strong anti-BYOD stance at an event last year for IT managers. Among them was Fabien Malbranque, working with the French ministry of labour, who said that there was no BYOD in the department as the smartphones and tablets used by people working there are "owned by the state, bought with taxpayers' money, after a call for tenders or directly by a member of the minister's office using the ministry's credit card". 

Further reading