wfedstaff | April 18, 2015 12:07 am
The FBI is a few weeks away from completing one of the federal government’s largest deployments of Android smartphones, enough to outfit most of its field agents and analysts with new devices and new security licenses.
By the yardsticks that generally accompany agencies’ adoption of mobile technology, the rollout is both large and lightning fast. In June, the FBI posted a bid for 27,000 licenses for Samsung Knox security software to run on new Galaxy S5 handsets. It made an award four days later and it’s deployed 22,000 devices to its 56 field offices over the past four months.
The rest of the job should be finished by early February, said David Rubin, an assistant FBI section chief who serves as the agency’s head of mobility.
“By early February, we should have just under 30,000 deployed, which is tremendous,” he told the audience at a breakfast meeting Tuesday organized by AFCEA’s Bethesda, Maryland chapter. “That involved multiple teams, and it took a lot of cooperation with our wireless carrier and other vendors to make it happen.”
Insight by Carahsoft: This exclusive e-book demonstrates just how far agencies have come and where they still need to go to take fully advantage of DevSecOps to drive modern capabilities to their customers.
The large Android deployment involves only devices running on the FBI’s unclassified networks. But Rubin said the bureau simultaneously is making inroads toward letting its staff connect to classified networks via government-owned commercial mobile devices.
“On our secret networks, we have a lot of thin client technology we’re pushing out to our field offices that lets our special agents work right at the edge with mobile kits in real time,” Rubin said. “We’re doing the same thing on our [top secret] environment as well: Before, our daily brief to the director involved a 500-page binder every single day. Just imagine how many trees we took out. Today, we’re doing that brief on a tablet that’s just been accredited at the top secret level and provisioned, and it’s enriched with audio, video, pictures and the like. Everyone in the room is using that form factor instead of binders.”
With the foundations of a secure next-generation mobility infrastructure being laid down across the agency, the FBI now is setting its sights on a crop of mobile apps that will attempt to make use of the new platforms in rapid development cycles. The aim is to not just upgrade from the capabilities of the mostly- BlackBerry handhelds the new devices are replacing, but also to let the bureau’s field staff perform functions that, until now, have required a laptop or desktop computer and a wired network connection.
Apps pipeline is filled
Rubin said the bureau is “crowdsourcing” its app development process with its field agents. While a centralized governing board has the final call over where the agency allocates its scarce dollars for mobile applications, the FBI wants apps that support a wide variety of use cases. It is trying to shuffle them through its security approval process in eight-week cycles.
“That’s a tough push right now, but we already have 25 apps in the pipeline,” he said. “Some of them are already being used. We have an agent on my team who’s part of our fugitive task force, and he’s using our smartphone with a biometric reader to enroll suspects into the system. Traditionally, it was a 35-pound kit with a wealth of cryptography gear that had to be pulled out every time. Now, he leans over to the guy in handcuffs, gets the thumbprint on his phone and, boom, it connects right to our back-end [Criminal Justice Information Services] database. It’s use cases like that that are truly changing the way we do business.”
While the bureau has invested heavily in Android-based hardware for the moment, it’s also striving to build its mobility infrastructure to be as device-agnostic as possible. The apps it’s built so far should be portable to other platforms with minimal effort, he said.
The tailored mobility ideas the FBI is creating were fashioned in a collaboration with the bureau’s enterprise architecture program office, which earlier had decided to shun one-size-fits-all approaches to IT and promote the idea that different “personas” within the bureau would want and need to use technology in different ways, a pursuit it promulgated in an end-user environment strategy.
Security and usability lessons learned
“You might have a special agent who’s very tactically-focused and who’s stopping bad guys on the street, and you also have someone in our lab division that might need special gloves or a stylus so they can interact with the screen,” Rubin said. “We’re trying those kinds of things out through what we call innovation pilots. Whether it’s wearable technology or other things, we’re trying to find out what works for people in the field. And our mobile group is not just our IT staff. We have our [Office of General Counsel]. We have our records management staff. We make sure that all of our groups are in. We turn them into champions of the effort and make sure their interests are protected so that they’re all champions of the effort. I have to do that, because at the end of the day I’m competing with what a special agent can do on their personal device, and that to me is the worst thing ever. If I don’t provide a capability they can use, they will find a way to do it some other way. They will get the job done no matter what. I want to provide the technology to them so that they can do it securely and they don’t have to get it elsewhere.”
While Rubin says the bureau is now on the right track to providing its users with the technology they need so they don’t need to bring it themselves, it was not always thus. In its earlier experiments with mobile apps and devices, the agency learned some painful lessons, most of them dealing with trying to find the right balance between security and usability.
“The first solution we put out there was very, very secure, because even though we wanted to untether our users, we were still treating these mobile devices like they were desktop computers,” Rubin said. “So filtered every bit of traffic and hardened the devices, and even though we thought the battery life was pretty good, our end users didn’t. We have pictures of agents trying to run kidnapping cases while they’re plugged into a wall charger. That’s not mobile, that’s terrible. So we backed off a little bit. We’re working a little more carefully on separating out the FBI crown jewels by containerizing certain aspects of the device instead of forcing every single piece of data through our trusted Internet connections.”