"FedRAMP-like" policy for mobile app security
As agencies move to mobility, new, unimagined threats potentially can enter the enterprise. While we all could see how law enforcement could benefit from a "blue-force" tracking app to know where its assets are, what if this system was compromised and the "bad guys" knew the same information?
There needs to be some guidance in this area -- potentially using a model similar to the Federal Risk and Authorization Management Program (FedRAMP) that has been used to baseline cloud-security controls.
A good place to center some efforts in this area is to look at what the Department of Homeland Security is doing with its "Carwash" mobile app testing program. This program is meant to test government-developed apps. They have recently received a commitment from the Department of Justice that they will participate in this "shared-service."
Many government workers create and access data, not from behind a desk but in the "field." Typically, some of the data is collected in a paper format and re-typed into "the system" at the end of the day.
Pam Hird, with the National Agricultural Statistical Service (NASS) of the United States Department of Agriculture (USDA) implemented a program for her survey workers to go from a paper-based to a tablet system. She not only saved the department $3 million per year, but drastically reduced error rates.
As the president of a non-profit called the Digital Government Foundation, we are looking at non-IT areas to potentially save money. For example, I was part of an effort with the University of Central Florida to digitize the Federal Register using five data.gov feeds. President Obama ultimately decided to cancel the print version of the publication and highlighted the effort in the "Campaign to Cut Waste".
The original Digital Government Strategy directed agencies to identify two systems to "mobilize." Maybe DGF II could require them to actually mobilize two systems. That will really get government agencies thinking like business and figure out creative ways to finance mobility using existing resources.
The Digital Government Strategy was an influential document that has moved the federal government in mobility and really fostered a level of collaboration within government rarely seen. There is more work to be done and the collaboration needs to continue.