SECURITY A PRIORITY IN DoD MOVE TO MOBILE DEVICES
By Cheryl Pellerin, American Forces Press Service
07 Jun 13. The U.S. Defense Department wants to provide secure access to information from any device, anywhere and anytime, but the priority is security, the department’s principal deputy chief information officer said here yesterday.
At a defense systems seminar, Robert Carey spoke about mobile device security and architecture before an audience of military, government and industry experts.
“It’s an exciting time for the mobile space, and I will tell you as we march into it and into choices and … into smart phone utilization in the DOD, it is not without the requisite security,” Carey said. “Many an industry and federal agency that are leaping into it a little faster than the security apparatus is willing to catch up with, but we are not,” he added. “We are trying to leap in it with the security apparatus attached.”
Today, DOD has more than 600,000 commercial mobile devices in operational and pilot use, including about 470,000 BlackBerry phones, 41,000 Apple operating system devices and 8,700 Android devices.
Last June, the department released a mobile device strategy that identified information technology goals and objectives for making the use of mobile devices possible from the hallways of the Pentagon to battlefields and secured spaces worldwide.
The strategy focused on improving wireless infrastructure and mobile devices and applications. The steps it proposes are designed to keep these areas reliable, secure and flexible enough to keep up with the pace of technology. Then in February the department released a Commercial Mobile Device Implementation Plan with goals and objectives for allowing the secure use of mobile devices. A key objective is to establish a departmentwide mobile enterprise plan that permits the use of smartphones and tablets from different vendors and to develop an enterprise mobile device management capability and app store to support about 100,000 devices from multiple vendors.
Carey said the Defense Information Systems Agency “is leading the charge for DOD to centrally provide and provision an infrastructure that we can then all use.”
DISA is rolling out unclassified and classified devices in phases that began this year and continue until fiscal 2014. A slide from Carey’s presentation indicated that in March DISA rolled out 500 devices at the Secret classification, and in April, 1,500 unclassified devices. The next phase begins in September, when DISA will roll out 5,000 unclassified devices and 1,500 devices at the Top Secret classification. In fiscal 2014 it will roll out up to 100,000 unclassified devices and have enterprise capability for devices at classified levels.
“We’re doing both [unclassified and classified] simultaneously right now and we’ll expand both as the demand signal requires,” Carey said. “But we’re moving out on the unclassified with [vendor] choices with the secure architecture up at DISA, engaging Internet service providers, creating mobile device management solutions that meet security requirements of the Federal CIO Council, and other things,” he added. “So we’re out on-point with the federal government, doing work that keeps the unclassified devices secure.”
On the federal mobility effort, the department is working with the National Institute of Standards and Technology, the Department of Homeland Security, the Department of Justice and the Federal CIO Council “to ensure that the standards we use for an unclassified phone are the same. That’s really important,” he noted.
Carey said DISA also is working to define the way forward on public key infrastructure, or PKI authentication solutions fo