The Future of Secure Mobility: Zero Trust for CUI Protection

In today’s digital age, ensuring the security of sensitive and classified data on edge devices is paramount. During the 2025 Zero Trust Summit, hosted by CyberScoop, Jared Shepard, the CEO of Hypori, shared valuable insights on implementing zero trust mobility strategies to protect mobile devices. The interview on stage before a large audience of Department of Defense (DOD) personnel, government agency officials, members of the Defense Industrial Base (DIBs) and industry vendors was conducted by Greg Otto, Editor-in-Chief of CyberScoop.

The challenge of protecting sensitive data

During the session, Jared emphasized protecting sensitive information is one of the most challenging aspects of zero trust. While significant progress has been made regarding the protection of data, there is still a long way to go. He likened the current state of zero trust network access to the Wright brothers’ era, when they were flying, but not yet breaking the sound barrier.

Mobile devices and access control: The largest attack surface

One of the key points Jared highlighted is that mobile devices represent the largest attack surface. These devices are ubiquitous, and their security is often overlooked. He stressed the importance of recognizing mobile devices as potential threat vectors for compromise of sensitive data or access to enterprise resources and the need to mitigate risks using a zero trust solution.

Mitigating risks on edge devices

To protect data on edge devices and strengthen security posture, Jared suggested a simple yet effective strategy: avoid storing data on the device. By ensuring that data is not present on the device, the security risk of interception and unauthorized access is significantly reduced. He mentioned the example of Stingrays, devices that mimic cell phone towers to intercept data, as a real cyber threats to mobile security.

Zero trust use cases

Jared explained that Hypori’s approach to zero trust involves allowing users to interact with data without actually ‘transmitting, storing, or processing’ the data on their devices. This method ensures that even if a mobile device is lost, no sensitive data is compromised. This principle is crucial for both classified and unclassified environments.

Advice for smaller contractors

For smaller contractors concerned about nation-state adversaries and other threats, Jared offered practical advice. He emphasized the importance of focusing on identity, access, data protection, and infrastructure security. Hypori provides services that help small and medium-sized businesses achieve compliance and protect their mission without adding significant infrastructure.

Balancing security and privacy

Jared concluded by reminding the audience that protecting data is not just about securing mission-critical information but also about safeguarding employees’ privacy. Striking a balance between these two aspects is essential for a successful zero trust strategy.

Watch the full CyberScoop session below.  

‍

‍

Hypori on zero trust: Securing mobile access without compromise

At Hypori, zero trust isn’t just a concept—it’s the foundation of how we secure mobile access for government agencies, defense contractors, and enterprises handling sensitive data.  

Traditional approaches to mobile security often rely on device management, encryption, or perimeter-based defenses, but these methods still leave room for data exposure, breaches, and compliance risks. Hypori takes a radically different approach, ensuring that data remains completely separate from the endpoint, eliminating risk from compromised or untrusted devices.

Data never touches the device

The core of Hypori’s zero trust approach is simple: data never resides on the device. Unlike traditional mobile security solutions that attempt to harden devices or encrypt stored data, Hypori ensures that no data is stored, processed, or transmitted on the endpoint. Instead, users interact with a secure, cloud-based virtual environment and are only viewing pixels. This means that even if a mobile device is lost, stolen, or compromised, there’s no risk of data exposure because the device itself contains nothing to steal.

This approach aligns directly with zero trust principles, which assume that any device—especially personal mobile devices (BYOD)—should not inherently be trusted. Instead of managing endpoints, Hypori removes them from the security equation entirely.

A zero trust architecture for mobile security

Hypori’s solution follows the five pillars of zero trust, as outlined by NIST and embraced by the Department of Defense (DOD):

1. Identity Verification: Users must authenticate securely through multi-factor authentication (MFA) before accessing any sensitive applications or data.

2. Least Privilege Access: Users receive only the level of access they need—no more, no less—reducing exposure to unnecessary risks.

3. Device Independence: Since data never resides on the device, Hypori eliminates the need for Mobile Device Management (MDM) solutions that introduce privacy concerns for employees while still securing organizational data.

4. Continuous Monitoring: Hypori enables real-time monitoring and audit logging of user activity, helping organizations detect and respond to anomalies immediately.

5. Data Protection: By keeping data within a secure virtual environment, Hypori ensures zero risk of data leakage from lost or compromised devices.

This strategy not only strengthens security but also simplifies compliance for organizations subject to strict regulations like CMMC, FedRAMP, HIPAA, and FISMA.

Enabling secure BYOD for the Army & Air Force

Hypori’s zero trust approach is already being implemented at scale with Army BYOD with Hypori and the Department of the Air Force’s Workspace Anywhere initiatives. These programs allow military personnel to securely access mission-critical applications and NIPRnet from personal devices—without the risk of data exposure.

Traditional MDM and MAM solutions have long posed a challenge in balancing security with user privacy. Hypori eliminates this friction by providing a virtual environment that grants access to work resources without requiring control over the personal device itself. This user-centric approach ensures security without compromising privacy, making it an ideal solution for both government and commercial enterprises.

The future of zero trust in mobile security

As threats to mobile security continue to evolve, organizations must embrace a zero trust mindset that eliminates data exposure rather than just mitigating it. Hypori’s approach represents the next evolution of secure mobile access, proving that organizations don’t have to choose between security, compliance, and usability.

With adversaries becoming more sophisticated and attack surfaces expanding, the need for a truly data-less mobile security solution has never been greater. Hypori is leading the charge, ensuring that the future of secure mobility is one where data and CUI stay protected—always, everywhere, and on any device.

To learn more about Hypori, click here to request a demo or learn more about our pricing.

‍