11/27/2013
11:30 AM
Ashok Sankar

Keep Data Off Mobile Devices & Away From Adversaries

Why we must focus on protecting the data rather than securing mobile devices.

Mobility is proving essential for warfighters, intelligence officers, and public-sector professionals who spend much of their day outside an office if not in unfriendly territory.

Combat troops in particular depend upon mobile devices and connectivity to get up-to-the-minute information to stay aware of their situation. They can do their jobs much more efficiently using light, handheld smartphones and tablets as opposed to heavy, clunky computers.

On the civilian side, a US Forest Service official similarly can inspect remote radio communications towers more efficiently and, thanks to mobile technology, stay in touch with colleagues and write reports while he or she is out in the field.

Mobility – and the need to secure mobile communications – is growing more urgent as the number of federal employees expected to retire – and the surge of Millennials replacing them – continues to grow. Consider: 53% of full-time federal workers will be eligible for retirement by 2014 and nearly 61% will be eligible by 2016, according to a forecast from the US Office of Personnel Management (OPM). Most of these workers will be replaced by Millennials and younger generations – professionals who tend to view mobility and the ability to bring your own device as a “right,” not a privilege.

Given that the momentum can’t realistically be halted, attention now turns to how to manage mobility and, in particular, mobile cybersecurity threats.


Predictably, the first wave of protection has taken hold in the form of encryption, containment, and mobile device management (MDM) solutions. These approaches focus on protecting the device.

Yet, they are ill equipped to adequately protect the wide range of highly-classified and sensitive-but-non-classified data that exists across many federal agencies. That’s why the cybersecurity industry must shift its focus: Protecting the data, as opposed to the device.

After all, devices are merely end points. Locking them down is complex and unmanageable – and fails to provide a real solution to the challenge of protecting the data mobile users still need to do their jobs.

Smartphones, tablets, and laptops may not be cheap, but you can replace them at a reasonable cost. The data, however, is often priceless and irreplaceable. Losing critical data could result in the complete disruption of critical operations for our Department of Defense (DoD), intelligence, and domestic agencies.

So why allow the data to remain so vulnerable by insisting that it reside on the device itself? Why not extend virtualization and secure redisplay concepts and technologies to ensure that data – and apps – can be safely accessed without compromising the user experience?

The day is coming soon when you’ll be able to keep all of your valuable data and apps running in the back-end IT systems of the enterprise, instead of on a smartphone or tablet, with the ability to replicate a mirror image of these key assets/tools onto the device itself.

Users won’t notice a difference, so they won’t complain about productivity interruptions. They will be able to securely access information to make confident decisions, especially under pressure during a time-sensitive mission.

With a virtual environment, IT system administrators will be able to limit user access to data within specific geographical endpoints (geofencing) – like near a Secure Compartmented Information Facility (SCIF). When they’re inside the SCIF, users can call up what they need to get the job done. When they leave, they no longer can do so and the data is no longer on the device, thus further protecting critical information.

Yes, the IT industry is developing these solutions now and some are already available. Bandwidth will no longer be a constraint. With increasing connectivity options, this virtualized environment is becoming very “real” to create, with desktop and remote-access paradigms for the mobile user. Industry is finally recognizing that any effort designed to protect the device will have limited impact. Again, it’s all about protecting the data, not the device.

In September 2012, the Defense Information Systems Agency (DISA) issued a Broad Agency Announcement (BAA) to equip its workforce with mobile devices that allow for Common Access Card (CAC)-enabled virtual thin client solutions. The pending virtual solutions will cover this requirement, in addition to all National Security Agency (NSA) mobile security standards.

This means that today’s mobile/BYOD generation government professionals – regardless of how old they are – can relax. No one needs to take their favorite devices away. Especially when we’re 100 percent confident that we’ll be better positioned than ever to protect what is in them.

Ashok Sankar leads market development and product strategy for Raytheon Trusted Computer Solutions. He specializes in cross-domain and multi-level security products for the Defense Department and the intelligence community.

Comments
J_Brandt,
User Rank: Ninja
11/27/2013 | 4:55:27 PM
Re: Data vs Devices
I'm with @David.  Full mobile virtual or thin client is a step forward because for some data it's ok to have 100% on the remote network, for other data it is not.  I'm old school enough that I don't want to give up total control and ownership of my stuff.  I WANT My data locally.  Enterprise security needs to revolve around the data and that's going to cost us some convenience.  I don't think IT is going to be able to "relax" anytime soon though.
David F. Carr,
User Rank: Author
11/27/2013 | 3:34:38 PM
Re: Data vs Devices
Except that complete virtualization = 100% dependence on the network, and offline access is one of the things users prize most about their mobile devices. I don't see users surrendering willingly to this tech imperative until the last mobile data dead zone is wiped from the face of the earth.
WKash,
User Rank: Author
11/27/2013 | 3:18:56 PM
Re: Data vs Devices
I suspect the tendency for IT folks to manage assets makes it easy for MDM vendors to pitch device management tools when what we really need is for devices to show us a picture of what's on a secure, remote server in the cloud so we see what we need to on our device, and interact with the server, without actually putting data at rest on our devices.
danielcawrey,
User Rank: Ninja
11/27/2013 | 3:09:00 PM
Re: Data vs Devices
I think this is a great idea. It's a much better option than MDM. While I like MDM for a lot of reasons, I long have thought that it did not do enough to stem some of the serious and critical issues that could arise from a potential data leak. 
WKash,
User Rank: Author
11/27/2013 | 1:31:24 PM
Data vs Devices
The sooner we move to thin client smartphones the better.