The US Marine Corps is launching a novel beta test with commercial wireless carriers that, if successful, could save the Corps as much as $10 million a year while providing more Marines mobile access to USMC data. It could also shake up the Defense Department's current position on using personal smartphones at work.
The initiative, which begins next week with AT&T, Sprint, and Verizon, will test whether the wireless carriers can successfully deliver a secure, corporate-managed operating environment on personally owned, commercially available smartphones while also meeting the government's legal requirements.
The three carriers will provide the Marine Corps with a total of 21 iOS and Android smartphones with secured virtual work environments, using cloud-based software services provided by the carriers, as part of a four-month long evaluation.
"Our intent is to identify the security of the data in transit, the security of the data at rest, [and] the separation of the organizational instance from the personal instance on the device," said Rob Anderson, vision and strategy division chief for USMC's Command, Control, Communications, and Computers (C4) Department.
The test will also evaluate how derived PKI (public key infrastructure) certificates are incorporated into the device and within the organizational environment on the device. The Marine Corps also wants a clearer understanding of how to manage personally owned corporate environments on various phones, what issues Tier 1 Help Desk support will face, and users' experiences.
"We also have to prove to the lawyers that the US Marine Corps and the government [don't] have undue oversight on the personal lives of users [and properly addresses liability concerns,]" said Anderson. If the test is successful, the Marine Corps will establish a six-month pilot involving 500 devices.
The proof-of-concept test represents a striking departure from the prevailing wisdom within the military on bring-your-own devices (BYOD). The Defense Department, after numerous pilot tests, has unofficially concluded that allowing employees and service members to use their own mobile devices for work poses too many security risks and is more costly to manage than simply issuing government-furnished equipment.
The test represents more than a technical demonstration for the Marine Corps, however. Faced with stark budget cutbacks for the foreseeable future, USMC Commands have been forced to slash operating costs, leaving leaders to choose between bullets and BlackBerrys, said Anderson.
Despite concerted efforts by the Defense Department to drive down the total cost of government-furnished mobile devices, the annual cost for the Marines Corps' mobile phones isn't cheap. The Marine Corps pays DISA -- the agency that provides centralized communications and IT services across the Defense Department -- $1.17 per device per month for each user on DISA's BlackBerry Enterprise Service 10 system, according to Anderson..
"We were paying $35 per month to manage a BlackBerry [for 11,083 Marines], so we've saved millions," Anderson said. But DISA's price doesn't cover the Marine Corps' cost for devices, which totaled $10.2 million in fiscal year 2013, nor does it include the cost of voice and data plans, which represents the bulk of the operating costs.
"There are only three ways to reduce the costs," Anderson said. "Reduce voice and data costs, reduce management costs, or reduce the number of devices." Less than 1% of the Corps' 182,000 Marines have BlackBerrys now. The prospects of cutting that further sent Anderson looking for a different option -- and he's about to find out whether the wireless carriers can provide one.
The ability to provide dual virtual operating environments on a single smartphone isn't new. But with advances in 4G LTE technology and smartphone designs, wireless carriers now routinely offer corporate customers turnkey mobile device management (MDM) services that are easier and less expensive for companies than operating MDM systems on their own.
AT&T, for instance, offers a service called Toggle, which effectively splits a user's smartphone in half. It gives employees a virtual office smartphone on their personal device and allows IT administrators to manage users, apps, content, policies, configuration, and reporting through a Toggle portal. The setup prevents users from copying information from their work environment to their personal environment, and vice versa, on their device.
"Toggle is not a hypervisor solution, [which must] get down to the bare metal of a device," said Tina Chester, AT&T's executive director product marketing. Rather, it's software that securely partitions the phone, creating an encrypted virtual container that doesn't require any arrangements with the original equipment manufacturer.
Verizon offers a comparable mobile workforce management service, which allows IT administrators to deploy and manage a virtual container on a personal mobile device.
"The service is carrier-agnostic," said Mike Zirkle, Verizon's associate director, public sector marketing. "So if you have Wi-Fi-only devices, or you're down range, or you're using another carrier outside the US, mobile workforce management service will still provide policy control of the container." The service requires no new infrastructure and supports all the major smartphone platforms, via Verizon's Terremark cloud.
Verizon's pricing model is user-centric, not device-centric, according to Zirkle. The carrier currently charges corporate customers less than $5 per user, per month for up to six devices, depending on the contract, he said. An AT&T spokesperson indicated that AT&T's Toggle program was similarly priced.
The Marines are continuing to look at corporate-owned devices that employees can use for personal applications, but according to Anderson, "That doesn't really provide us any cost savings, and most users want to get away from carrying two or more phones." He expects to know by September whether the BYOD beta test results point to a better answer.
What do Uber, Bank of America, and Walgreens have to do with your mobile app strategy? Find out in the new Maximizing Mobility issue of InformationWeek Tech Digest.
Wyatt Kash is a former Editor of InformationWeek Government, and currently VP for Content Strategy at ScoopMedia. He has covered government IT and technology trends since 2004, as Editor-in-Chief of Government Computer News and Defense Systems (owned by The Washington Post ... View Full Bio
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.