The Defense Department is in the first stages of implementing a mobile technology infrastructure that will serve the entire military. As they set down that path, officials say they desperately want to avoid repeating the practices military services used when they built their traditional wired networks.
According to an oft-cited figure from U.S. Cyber Command,approximately 15,000 individual network enclaves exist within DoD, each of which grew up according to their own standards, leading to a mishmash of IT that’s extremely expensive to manage and almost impossible to secure. The Pentagon has only begun to unwind those stovepiped networks by closing down data centers, terminating boutique applications and pointing itself toward a future state known as the Joint Information Environment.
When it comes to mobility, that’s a headache DoD would rather not repeat.
“We are not going to go out and do mobility on our own,” said Gary Blohm, the director of the Army’s architecture integration center. “We had tons of mobility pilots. Everyone had one, and everyone was trying to do our own thing. There’s a balance between allowing innovation and centralization, but one of the things we decided to do from an enterprise perspective was focus with our partners in the Defense Information Systems Agency, centralize our efforts there with them as the supplier, so we could move faster on mobility.”
Once the centralized mobile infrastructure, including a single mobile device management system and a DoD app store reaches initial operational capability, the military services will assume the responsibility for funding the mobility infrastructure and help to define its requirements, but it will continue to be operated as a service by DISA, Blohm told a mobility symposium organized by AFCEA’s Bethesda chapter.
“One of the challenges we’ve had with multiple services was that everybody wants to do it their way and have control over it,” said Brian Teeple, the principal director for command, control, communications and computers, and information infrastructure in the DoD CIO’s office. “But the budget environment has helped in that sense. When we do the (return on investment) calculations, where we’re seeing our savings is instead of doing things four times, doing it once. It’s also safer for security, because every time someone does something a little bit differently, it introduces one more vulnerability.”
Beyond managing devices and apps at the DoD enterprise level, the Army’s Blohm said the commercial-centric mobile infrastructure needs to be highly secure, but it also needs to be based on a single, common computing environment and be device- agnostic.
“People come to us sometimes and say, ‘I have a hardware solution to your problem. I’ll build you a device, it’ll look like a commercial device, but the hardware will really secure things for you.’ We don’t believe that’s the right way to go. We can’t keep up with the commercial industry that way,” he said. “We think we need to do the security by software. And we can’t pick a device for our leaders. If we bring them an iPhone, somebody in the room is going to say, ‘no, I want a Samsung.’ Then if we say, okay, we’ll go Samsung, somebody else is going to say, ‘no, no, I want an iPhone.’ And what they want today is going to be different from what they want tomorrow. So our challenge is to keep pace with that. That’s why this device agnostic architecture is so important to us. We need to keep up with a security approach that lets us keep up with commercial and not do something different and unique just for us.”
But Blohm says even though the Army wants soldiers to be able to use mobile devices at work with the same ease-of-use and functionality they’ve gotten used to in their personal lives, the military still has a long way to go. In pilots thus far, he says devices have needed to have many of their functions disabled for security purposes.
“People tell us, ‘OK, you’ve given me a commercial device, but it’s not that device anymore because once I go into the secure section, all I can basically do is look at email. It’s basically a BlackBerry with a nice screen,'” he said. “So we need to open that up, and for us it’s a really big balancing act. We have to be the bad people sometimes that tell folks, ‘I’m sorry, but you have to authenticate with a common access card.’ We have to do things in a secure fashion. People want to think first about the user functionality side, but they tend not to think about security until bad things happen. As we provide more mobile services, both for the tactical side and for the generating force, we still need to do these things.”
Blohm says as the Army tries to rationalize the rest of its networks, close data centers, shut down legacy applications and move network technology to lower echelons of Army units, it’s applying the same software-centric attitude it’s using for mobility. He said the Army wants to stop building specialized IT platforms to meet specific missions and move toward agile, well-designed software that runs on off-the shelf-hardware.
“We’re trying to get to a place where I don’t build a device if I want to do blue force tracking. I build an app to do that, and put it onto a common computing environment,” he said. “It really changes the culture about how we acquire things, and it’s one of the biggest challenges we have in our acquisition community. But I’ll tell you that our acquisition leadership is all over that, and we’re making progress every day.”