A report from the Department of Homeland Security Inspector General’s office found that Secret Service personnel have increasingly opted to use personal phones for their official work. The mobile devices were even used during domestic and overseas protective operations, and that has resulted in security lapses.
The report stated that government-furnished equipment (GFE) mobile devices weren’t used as they lacked the capabilities required to carry out mission operations. The matter was made worse because the GFE devices used aboard also lacked the required security applications to ensure real-time, continuous protection from cyberattacks that foreign adversaries or other bad actors could have carried out.
“The United States Secret Service (Secret Service) did not effectively secure and manage mobile devices, including during protective operations. As a result, adversaries could have intercepted and exploited Secret Service information, placing at risk our Nation’s leaders, other protectees, and employees — especially when unsecured devices were used overseas,” the report explained.
The findings were discovered following the attempted assassination of then-former President Donald Trump on July 13, 2024, when the inspector general’s office learned that agents were frequently using personal phones. In one case, a Secret Service employee was unable to receive a photo of the would-be assassin from local law enforcement due to reliability issues with the GFE device. Another employee had to take extra steps to email a photo of the individual following the attack because of a flaw with his government-issued device.
“A Secret Service agent at the Butler assassination attempt couldn’t forward a photo of the shooter on his government device because the Office of the Chief Information Officer (OCIO) had restricted picture sharing for two years,” said Jacob Krell, senior director for secure AI solutions & cybersecurity at Suzu Labs.
Krell told ClearanceJobs that app approval through the service portal could take years. Agents did what cleared personnel across the federal workforce do when official tools can’t keep up with operations: they used a personal device, knowing it’s a policy violation.
“The IG frames this as device management, but the security architecture created the exposure by forcing users off managed devices,” suggested Krell. “Risk moved from a phone the agency monitors to one it can’t see, and mission-sensitive data moved with it.”
New Tech, With Old Problems
During the investigation, it was also revealed that despite being new devices, many of the GFE handsets lacked the commercial messaging apps already widely used by the law enforcement and militaries of foreign partners. In addition, the government-issued devices often blocked some websites, and for reasons that aren’t so clear.
“For example, employees needed to research restaurants where a protectee was scheduled to dine,” the report noted. That required Secret Service employees to use personal devices for such searches.
In other cases, the government-supplied devices suffered from repeated reliability issues, including frequent disconnects from the Secret Service’s virtual private network (VPN). Approximately 12% of the wireless help desk tickets ended up being related to those issues.
“If security controls become a barrier to execution, shadow IT becomes inevitable,” said Ted Miracco, CEO of cybersecurity provider Approov. “The OIG report highlights a systemic flaw in federal cybersecurity: treating the mobile device as the enemy. Heavy-handed Mobile Device Management (MDM) restrictions have rendered government phones functionally ineffective in high-stakes, real-time scenarios.”
IT Overreach?
A key issue is the attempt at securing the devices for government use, which can impact the functionality.
“This is the shadow IT problem wearing a clearance badge,” said Krell.
“Security teams pile friction onto the secure path until it becomes the unusable path. Approval workflows crawl at procurement speed while operations move in real time. When using the approved device means you can’t do your job, compliance becomes a fiction that everyone quietly abandons,” Krell emphasized.
He further warned that stricter device bans treat the symptom, but friction is the disease.
“Close the gap between what the managed device can do and what the mission requires, and personnel will stay on it,” Krell noted. “The OIG data shows more than 15,000 calls on personal phones during protective operations. Those agents didn’t choose to violate policy. The policy gave them no workable alternative.”
Miracco told ClearanceJobs that to address this issue, the government should pivot from a device-centric security model to an application-centric one.
“Rigid MDM profiles can lock down devices so severely that critical, everyday capabilities –like sharing an emergency photo or using vital communication apps overseas – are blocked,” Miracco continued. “Instead of trying to sanitize and control the entire smartphone ecosystem, security solutions must verify the integrity of the specific government app and its runtime environment in real time.”
Moreover, by ensuring the app itself is secure and untampered, the critical tools could run safely and effectively on any device.
“This approach preserves the agility agents need in the field,” added Micracco, “while guaranteeing the ironclad security required for national defense.”
Big Tech At The Core
However, another security expert suggested this isn’t really an issue of who provided the phone, but rather with its manufacturers and the operating system it is running.
“The mobile ecosystem is incredibly locked down, and that’s been true for years. Apple and Google present it as a security feature, but a big part of that closed design is protecting their advertising and tracking ecosystems. The downside is that it also limits independent security research,” explained John Strand, founder of Black Hills Information Security.
“When you combine that with specialized tools and expensive testing environments, you end up with a platform where very few people can actually see what’s happening under the hood,” Strand told ClearanceJobs. “That’s why stories like this don’t surprise me. It’s very interesting to see when this collides with national security.”



