As the line between mobile devices and computers becomes increasingly indistinct, federal workers are finding that mobile technology offers them flexibility and freedom that has the potential to vastly improve performance. But the downside is that these devices present a number of unique security risks.
The National Institute for Standards and Technology updated some of its guidelines for the securing of mobile devices in an attempt to keep up with rapidly advancing technology. Murugiah Souppaya, a computer scientist at NIST and co-author of these guidelines, told the Federal Drive with Tom Temin that this was necessary because while controls and risk management remain the same, the technology has advanced.
“Things we tend to do on desktop and laptop systems are not being implemented equally on mobile devices,” Souppaya said. “The controls are still required to protect the level of information that would have been processed and transmitted on those devices, but some of the technical mechanisms for safeguarding that information is likely different on mobile devices because of their architecture.”
Souppaya said that agencies need to be able to institute inventory and accountability controls to keep track of the devices and how they are being used, as well as confirming their integrity by ensuring they are not jailbroken or rooted. In addition, the networks used by these devices can present vulnerabilities.
But when mobile devices and their networks are secured properly, according to Lt. Col. Mark Henderson, product manager at Warfighter Information Network-Tactical Increment 1, they can be game changers.
Before the Army began using Wi-Fi, soldiers spent hours setting up brigade command Tactical Operations Centers before they could even start bringing the networks online. Henderson said that soldiers had to cut, lay out, configure and connect up to 17 boxes— at 225 pounds apiece —full of 1,000-foot reels of CAT-5 cable, then lay protective flooring over top, all before beginning to connect the networks.
But now, soldiers can begin setting up communications networks almost alongside infrastructure at TOCs.
“[Command post] Wi-Fi is a disruptive technology that enables units to connect and communicate faster,” Henderson said.
Command posts also can stay up longer because of this technology, communicating until the very last minute, according to Henderson. The same CAT-5 cable would ordinarily have to be taken down, inventoried, and repacked before moving. This could lead to further delays, as wear-and-tear takes its toll on the cables.
The increased freedom of movement provided by mobile technology also facilitates the problem-solving capabilities of soldiers.
“What I saw was a soldier who had a question about something that he was doing,” Henderson said. “He picked up his laptop from where he was sitting, and walked from one end of the TOC all the way to the other end … and he was still doing what it was he needed to do. Imagine a scenario where you have miles of dedicated cable that was cut and laid, and he was connected by that cable … by virtue of the fact that he is able to operate wirelessly … the amount of time that was lost to provide mission support was reduced to a much more negligible amount than what it would have been previously. That right there is truly disruptive and game-changing technology.”
These technologies save not only time, but money as well. Henderson said he has seen significant cost-savings in transporting the cable and other gear alone. Henderson said other equipment, such as force-multipliers or humanitarian support equipment, can take the place of the nearly 4000 pounds of cable, enabling soldiers to be more effective, or accomplish a broader array of missions.
Henderson said this “disruptive technology” being used is almost entirely commercial in origin.
“Because of the speed at which industry is developing this equipment, we work very closely with government agencies, amongst them the NSA, to identify solutions to utilize commercial technology and overlapping pieces of equipment [and] software to actually produce very secure architecture and systems to be able to get this technology out much faster than it would be otherwise, and also that it be very secure,” he said.