DISA Mobile Decision Sends Potent Signal - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

12:16 PM
Wyatt Kash
Wyatt Kash
Connect Directly

DISA Mobile Decision Sends Potent Signal

Defense Information System Agency's commitment to off-the-shelf mobile tech is likely to ripple across the government as well as health, financial and other security-sensitive industries.

10 Breakthrough DARPA Technologies
10 Breakthrough DARPA Technologies
(click image for larger view and for slideshow)
The Defense Information System Agency's just-awarded $16 million mobile device management (MDM) and mobile application store (MAS) contract award represents a seminal moment in the history of federal mobile computing and quite possibly the mobile industry at large.

The choice of consumer-off-the-shelf mobile devices and software applications by DISA, on behalf of the Department of Defense, sends a signal to all highly regulated organizations with mobile information assurance and security concerns that the United States government has determined that it's willing to treat mobile devices as first-class citizens on its networks. It's an admission that the growing use of smartphones, tablets and other small devices -- which are outpacing traditional PCs -- must be taken into account, the risks assessed, mitigated and eventually deployed. It also says the DOD is open to deploying commercially available mobile technology on a large scale.

Based on the publicly available request for proposal and DISA's performance work statement, it's evident the DISA MDM/MAS award reflected industry's input and consequently had multiple criteria, but central among them were the following information assurance criteria:

[ How do Brits get tips from the government on the run? Read British Increasingly Use Smartphones To Visit Government Websites. ]

-- The use of FIPS 140-2 compliant cryptographic modules, which call for the highest available advanced encryption standards.

-- The use of DOD public key infrastructure (PKI) and hardware security module support. PKI provides for a digital certificate that can identify an individual or an organization and directory services that can store and revoke the certificates.

-- The use of an on-device integrity checker that substantiates applications, offers tamper resistance, verifies the device's integrity and prevents the rooting of devices.

In recent months, seemingly all official deployments of mobile technology across the DOD have come to a screeching halt as every branch of military, facing sequestration and related budget cutbacks, looked to which way DISA would go.

Near-Term Ramifications

In the short term, the DISA award promises to change the U.S. federal mobile landscape in the most meaningful way since RIM's BlackBerry device was granted a waiver to send information outside the continental U.S. and became the de facto government furnished equipment device for all of the federal government. BlackBerry, as RIM calls itself now, has been leveraging this same interim authority to operate for years.

According to the request for proposal posting for this procurement, DISA requested four tranches of 25,000 units, for a total of 100,000 units, in the base year of the contract. Elsewhere in the performance work statement, it was noted that the solution should support a minimum of 162,500 devices, with the potential of 262,500 mobile devices by the end of the contract. An earlier version of the RFP posted on the GSA's Federal Business Opportunities site called for support for one million devices.

Given DISA's mission, to be the information provider to the Department of Defense, this award, in parallel with DISA's efforts to consolidate data centers across the DOD, effectively creates a one-stop shop for DOD personnel to purchase and operate mobile devices.

Long-Term Implications

The DOD is looking long-term as well, even as it acknowledged that the market remains in flux. As noted in DISA's performance work statement (PWS): "Because the current market landscape is still maturing from a security and architecture perspective, the critical requirements provided for this MDM/MAS acquisition are short-term and are limited in scope to provide the government the flexibility to adjust with evolving solutions. The current PWS is shaped to reflect the capabilities currently available in the marketplace. The government desires to see innovative solutions that may bring value to the government during contract performance."

Unlike the uptake and subsequent standardization on BlackBerry for mostly personal information management and email-appliance functionality, the DISA award signals something much more important: The tacit admission that mobile devices are here to stay and that they must be treated as primary devices for email but more importantly for a variety of line of business and mission-critical uses.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
1 of 2
Comment  | 
Print  | 
More Insights
IT Careers: 10 Industries with Job Openings Right Now
Cynthia Harvey, Freelance Journalist, InformationWeek,  5/27/2020
How 5G Rollout May Benefit Businesses More than Consumers
Joao-Pierre S. Ruth, Senior Writer,  5/21/2020
IT Leadership in Education: Getting Online School Right
Jessica Davis, Senior Editor, Enterprise Apps,  5/20/2020
White Papers
Register for InformationWeek Newsletters
The State of IT & Cybersecurity Operations 2020
The State of IT & Cybersecurity Operations 2020
Download this report from InformationWeek, in partnership with Dark Reading, to learn more about how today's IT operations teams work with cybersecurity operations, what technologies they are using, and how they communicate and share responsibility--or create risk by failing to do so. Get it now!
Current Issue
Key to Cloud Success: The Right Management
This IT Trend highlights some of the steps IT teams can take to keep their cloud environments running in a safe, efficient manner.
Flash Poll