Forget mobile-device strategy: Here's a better way.

Federal agencies should not be planning for mobile device management, but rather mobile data management, advised speakers at a seminar at the FOSE government technology conference on April 3.

With new mobile devices being developed commercially every few months, a device-centric strategy is never going to keep up, said Anil Karmel, management and operations chief technology officer for the National Nuclear Security Agency.

“We’re looking at it in a different way that is completely data-centric,” Karmel said.

The three keys in planning are:

  • Determining where the data is resident;
  • Identifying the locations where it needs to be accessed, and;
  • Deciding how it should best be transported.

The answers determine what type of mobile data architecture should be used, he said. For security, the agency is using containerization and virtualization strategies. The agency has developed a draft Bring-Your-Own Device strategy that is being reviewed for approval, Karmel said.

At the National Security Agency, personal mobile devices, including phones, are not allowed in the building, said Troy Lange, mobility mission manager.

While that policy has not changed yet, it's possible that it could. The agency realizes that people depend on their devices and that potential new employees, especially younger ones, might be discouraged if it continues to bar all personal devices, Lange said.

A possible solution, he said, is for the NSA to develop enterprise mobile devices that can be used by employees while in the building for their personal calls and email.

The NSA has been exploring various solutions for enterprise mobility and is looking to industry to help provide some solutions. Because of the agency’s unique security requirements and closed classified systems, the marketplace mobility management solutions are not feasible, Lange said.

The NSA recently posted a capabilities package on its website seeking feedback from vendors on how to develop an enterprise mobile solution with adequate security.

“Our belief is that the financial or medical industry may be able to help us get traction on this,” Lange said.

At the Veterans Affairs Department, officials decided that developing a Bring Your Own Device policy for all types of mobile devices was not feasible, said Don Kachman Jr., director of security assurance and mobile technologies for the department.

“BYOD is not a technology issue, it is a policy issue,” Kachman said. Policies would need to be developed for what happens when devices break, when there need to be investigations, and many other contingencies, he said.

About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.

The Fed 100

Save the date for 28th annual Federal 100 Awards Gala.

Featured

  • computer network

    How Einstein changes the way government does business

    The Department of Commerce is revising its confidentiality agreement for statistical data survey respondents to reflect the fact that the Department of Homeland Security could see some of that data if it is captured by the Einstein system.

  • Defense Secretary Jim Mattis. Army photo by Monica King. Jan. 26, 2017.

    Mattis mulls consolidation in IT, cyber

    In a Feb. 17 memo, Defense Secretary Jim Mattis told senior leadership to establish teams to look for duplication across the armed services in business operations, including in IT and cybersecurity.

  • Image from Shutterstock.com

    DHS vague on rules for election aid, say states

    State election officials had more questions than answers after a Department of Homeland Security presentation on the designation of election systems as critical U.S. infrastructure.

  • Org Chart Stock Art - Shutterstock

    How the hiring freeze targets millennials

    The government desperately needs younger talent to replace an aging workforce, and experts say that a freeze on hiring doesn't help.

  • Shutterstock image: healthcare digital interface.

    VA moves ahead with homegrown scheduling IT

    The Department of Veterans Affairs will test an internally developed scheduling module at primary care sites nationwide to see if it's ready to service the entire agency.

  • Shutterstock images (honglouwawa & 0beron): Bitcoin image overlay replaced with a dollar sign on a hardware circuit.

    MGT Act poised for a comeback

    After missing in the last Congress, drafters of a bill to encourage cloud adoption are looking for a new plan.

Reader comments

Wed, Apr 4, 2012 Henry

Most cyber-defense groups have been pushing data-centric security for many years. But unless you control everything under the data, your senstive details are easily pwn'd. This is where the cloud comes into play - if you can keep your data in the remote network and leak only humnan-views and human-directions (gestures, clicks, etc.) then the info that even a completely pwn'd device can exfiltrate is limited.

Wed, Apr 4, 2012 Richard

Good idea! Think outside the device!!

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group