Federal use of mobile technologies continues to mature. Since the advent of the mobile government movement, agencies have developed more effective security policies, clarified their choices of eligible mobile devices, and developed a number of mobile applications for agency use and for deployment to the public.
But that’s not where it ends. Where initial mobile usage was largely confined to email, other communications, and collaboration tools, now mobile is moving into mainstream information technology. That is, a growing number of agencies want their enterprise applications in secure, fully functional mobile versions. That means major adoption of existing applications, and taking a mobile-first approach to new ones.
Federal News Radio hosted a panel discussion to explore the issues surrounding mobility, mobile applications and development, and mobile management implications. Panelists were:
Several themes emerged from the discussion. One is that as agencies modernize their data centers, move to the cloud and take other IT infrastructure measures, they should do so from a perspective of mobile-first – fully supporting mobile users and constituents, simply because that’s the way the world is moving.
Another is that security architectures must evolve for effective mobility. Two-factor authentication, derived credentials instead of cards, and acknowledgement of the several networks that might be involved in a given mobile session. That means device configuration management, IT policy enforcement and digital rights managements must be carefully calibrated.
A third is that when modernizing the large legacy applications in the federal government, with their sometimes byzantine code bases, IT shops should concentrate on making mobile the few most important and most-often used features. This approach will lead to faster, more reliable deployments. Use of agile development (or re-development) will bring a more regular and orderly set of applications to the mobile environment.
Tom Temin, Federal News Radio
Tom Temin has been the host of the Federal Drive since 2006. Tom has been reporting on and providing insight to technology markets for more than 30 years. Prior to joining Federal News Radio, Tom was a long-serving editor-in-chief of Government Computer News and Washington Technology magazines. Tom also contributes a regular column on government information technology.
Hildegard Ferraiolo, Computer Scientist, National Institute of Standards and Technology
Hildegard Ferraiolo is a Senior Computer Scientist at National Institute of Standards and Technology (NIST) where she is leading the PIV Program activities including the recent completed revision 2 of Federal Information Processing Standard (FIPS) 201—the standard for identity verification of federal employees and contractors that has close to 5 million federal subscribers . Hildegard co-authored and developed several NIST publications in the FIPS 201 standard suite – including SP 800-157 Derived PIV Credentials for Mobile Device. Prior to leading the PIV Program, Hildegard launched the NIST Personal Identity Verification test program (NPIVP), resulting in the full accreditation of ten independent test laboratories and (to date) validation of over 70 PIV Middleware and Card applications products.
Vincent Sritapan, Program Manager for Mobile Security R&D, Department of Homeland Security Science and Technology Directorate, Homeland Security Advanced Research, Cyber Security Division
Vincent Sritapan is a Program Manager in the Cyber Security Division (CSD) for the Department of Homeland Security Science and Technology Directorate Homeland Security Advanced Research Projects Agency. Sritapan oversees Mobile Security Research and Development (R&D) projects aimed at accelerating the adoption of secure mobility for the department, government and global community to ensure the homeland security mission.
Prior to joining CSD, Sritapan spent three years with the department’s Office of the Chief Information Security Officer as the Technical Lead and Component Coordinator in the Information Security Architecture and Engineering Division.
Sritapan holds a bachelor’s of science in Information Systems from California State University Northridge, a master’s in National Security Studies and an MBA in Information Assurance and Security Management from California State University San Bernardino.
Sritapan teaches cyber as an Adjunct Assistant Professor at Northern Virginia Community College and is a direct commissioned Information Professional Officer in the United States Navy Reserve. He is a National Science Foundation CyberCorps Scholarship for Service Alumnus and an Office of the Director of National Intelligence—Intelligence Community Scholar Alumnus.
Jake Marcellus, Mobility Portfolio Manager, Defense Information Systems Agency
Dave Harrity, Associate CIO for Enterprise Infrastructure & Operations, General Services Administration
David Harrity is the Associate CIO for Enterprise Infrastructure and Operations at the U.S. General Services Administration (GSA). He oversees the agency’s enterprise-wide IT infrastructure supporting its workforce with IT Help and onsite support; end-user computing and mobile devices and services; identity management, server, storage, cloud, devops and network operations support; voice, video and data communications; conferencing and collaboration solutions; Virtual Private Network (VPN) and remote access supporting mobility and teleworking related initiatives.
Prior to joining GSA, he served as the Chief of Network Services for the U.S. Department of Education (ED) and oversaw the agency’s enterprise-wide IT infrastructure for voice, video and data communications. Prior to joining federal government, he served 10 years in management and consulting roles with firms, such as Computer Sciences Corporation (CSC), Science Applications International Corporation (SAIC), Cap Gemini Ernst & Young and 3Com Corporation, following 10 years of military service in the U.S. Navy.
He has a bachelor’s degree in Nuclear Engineering Technology from Thomas Edison State University and a M.S. in Management of Information Technology from the University of Virginia’s McIntire School of Commerce, and is a graduate of the Federal Executive Institute (FEI). He holds certifications as FAC-P/PM Senior Level, Project Management Professional (PMP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), and Certified in the Governance of Enterprise IT (CGEIT), and holds several other certifications in IT service management and cloud computing.
Sean Frazier, Chief Technical Evangelist, Public Sector, MobileIron
Sean Frazier is the Chief Technical Evangelist for Mobileiron’s public sector practice. He works with mobility industry leaders in the area of device and application security for Mobileiron’s government customers and partners to provide solutions to ongoing mobility challenges. These challenges, and Sean’s expertise cut across a wide variety of technologies from networks to content capabilities to mobile applications. Sean has over 15 years of experience in cybersecurity, ranging from network and content security to applications and mobility. Prior to his role @ Mobileiron, Sean worked at many other technology companies, focused on public sector cybersecurity, such as Cisco, Netscape & Loudcloud/Opsware.