Mobile device management software is helping federal, state and local governments to keep track of employee handheld devices. But as agency programs grow in size, new challenges such as technology life cycle and migration are beginning to surface. To address these issues, organizations are taking a number of approaches designed to meet their specific needs.
NASA straddles the line between device and data management policies. Unlike defense and intelligence agencies, NASA is an “open organization” founded to share its data with the public, said Adrian Gardner, chief information officer at NASA’s Goddard Space Flight Center at the Symantec Government Symposium.
But while the bulk of this scientific data is freely accessible, security is still important for access to the agency’s back end business and operational networks, Gardner said. NASA uses a Defense Department mobile security standard to manage access from employee mobile devices.
The agency is currently running a variety of mobile device management contracts and packages across its various facilities. NASA is also looking into a number of wireless technologies, such as software developed by Verizon that lets users separate business operations data from their personal information on their devices. NASA is also setting up its own BYOD effort, with much of its structure largely borrowed from the Nuclear Regulatory Agency’s mobile program, Gardner said.
It is critical for NASA to control mobile device access to its networks through the use of mobile device management (MDM) systems, Gardner said. But once the system is in place, federal agencies need to consider the operating costs for the software’s entire lifecycle, something the government doesn’t do very well, he said.
Fairfax County, Virginia has centralized its IT and mobile device support functions and is now in the process of launching a pilot mobile device program that will issue tablet computers and smart phones to a limited number of county personnel, said James Burris, chief executive officer of Ashburn Consulting. Although it has no BYOD mandate, the county has plans to work it into the initiative. One challenge is managing mobile security requirements, which can add more potential attack vectors into a network if not addressed properly, he said.
The county program is emphasizing robust security with strong passwords and access tools, but it is not specifying a single vendor or device type for the program. Part of the goal, which will ultimately lead to a BYOD solution is housing work related data in its servers, Burris said. Staff will be able to log into the network and access email and other information through a virtual desktop interface (VDI).
The county’s plan is for the system to provide very granular control. Besides managing access to the network, Burris said that another goal is to be able to smoothly migrate data when software and hardware become outdated.
Sometimes the size and scale of an organization can present a variety of challenges for mobile device deployments. The U.S. Department of Agriculture is a large agency with offices around the country and across the globe. It is a large to medium size enterprise with a variety of different missions, said Charles McClam, the USDA’s deputy chief information officer. Issuing mobile devices across the department is difficult because there are 29 CIOs in the USDA, each with a different mission and requirements, he said.
The department is in the process of acquiring an MDM system to help manage its various mobile programs, McClam said. One challenge is developing or acquiring mobility form factors to enhance productivity without compromising data. There are single device programs in use at the USDA, but they do not present the challenges that multiple devices do, he said.
One effort now underway at the USDA’s Natural Resources Conservation Service is providing personnel working in the field with a VDI system for their mobile devices. This allows staff to work remotely, meet with farmers and ranchers, collect data and send it back to the office, McClam said.
The agency is using Citrix to access the network back end systems for work email. USDA staff use soft tokens to access department IT networks. The program is also using VDI to help personnel access the department’s networks and a variety of services. VDI access will be extended to more USDA personnel once it has acquired and put the new MDM system into place, McClam said.