Top military officials are finally getting a chance to see first hand how tablet computers and smartphones other than their trusted BlackBerrys might work in the line of duty.
As part of previously undisclosed program, 200 mobile devices – including iPads, iPhones, Samsung Galaxy tablets and smartphones – have been issued to senior military personnel: 100 to top leadership in the Pentagon and another 100 to key staff at major commands such as Army Cyber Command and the Training and Doctrine Command.
The program is a joint effort between the Army and the Defense Information Systems Agency (DISA). The pilot equips Army personnel with mobile devices while DISA runs the back end infrastructure, explained John Walsh, program manager for Army mobility in the office of the Army’s chief information officer for cybersecurity and information assurance.
The goal of the pilot is to introduce new mobile technology to top Army leaders and to make them comfortable with it. By issuing top leaders with devices like tablets, the pilot program also hopes to stimulate innovative uses and to prompt feedback for additional technology requirements, Walsh said.
While most federal agencies have been testing the feasibility – and assessing the security risks – of popular mobile devices, stringent rules restricting which devices can access Defense Department networks have prevented senior officers from being able to use Apple or Android-based devices on the job. That hasn’t stopped a myriad of test programs across the services, but Defense officials have been trying to standardize such efforts.
The new mobile devices are viewed as important experiment because while officials have been used to BlackBerry devices to read email, the new tablets and smart phones offer more flexibility and capability for work. “This is more than just a phone, it’s more than just email,” Walsh said.
Already nearing the end of its first phase, the program consists of a series of six-month phases. Additional services and capabilities are added into the program with each new phase, Walsh said. The upcoming phase will see the addition of common access card (CAC) readers to the devices. “We’re building and testing as we go,” he said.
Because DISA is managing the program’s back end and infrastructure, it makes the effort easier to manage and promises to deter individual Army commands from trying to manage their own individual programs. Running the program through DISA also allows security to be more efficiently managed, allows the effort to scale more quickly and introduce new devices as they become available, Walsh said.
Walsh foresees these efforts also addressing a central question in adopting the new mobile devices: Whether to support a bring-your-own device (BYOD) policy.
Walsh said BYOD can be achieved through virtualization and security protocols. The devices would require user authentication to access data in the DISA cloud. By using role-based access and software virtualization, it could offer the Army a way to avoid getting into the business of hardware management, Walsh said.
Others, however, including Defense Department Deputy CIO, Robert Carey, speaking as recently as last week, continue to express skepticism about the adoption of BYOD programs in an institution like the Defense Department.
Walsh foresees the pilot program will ultimately provide the means to test access to secure and top secret DOD networks. The Army has embedded personnel at DISA to push this part of the effort forward, Walsh said.
What is needed now, however, is a virtualization tool to handle secure access. The program recently issued a broad agency announcement to industry requesting information about technologies and products that can virtually connect any mobile device to the cloud. The goal of the request is for industry to approach the DOD with a turnkey solution, but this may take some time, he cautioned.
Another area that the program is focusing on is mobile device management. The DOD will require such a system to control end point user devices. DISA just announced a milestone request for proposal for industry to provide a software tool to manage mobile devices. Walsh noted that this technology is already widely in use in the commercial sector with firms such as Good Technology and AirWatch marketing proven mobile device management products.
The Army is also working on establishing a mobile applications store to support its mobile efforts, Walsh said. He noted that the DOD does not want non-vetted applications used on its networks and it wants to assist personnel in making good decisions about what apps they do use.
Secure access for the mobile devices is another key part of the program. The Army has used CAC cards for years to access desktop phones, computers and workstations. The program is now working with vendors to develop BlueTooth enabled CAC slides that can be attached to mobile devices. The slides will be included in the next phase of the program, Walsh said.