Management

Agency IT should focus on apps, not devices

Sanjay Castelino

Want to scare an agency IT professional? Ask if you can put your unlocked iPhone on the internal agency network, and chuckle as your victim ages before your eyes. Federal IT leaders are tearing their hair out trying to determine how to best manage the growing demand for personal devices on secure networks, also known as bring your own device or BYOD.

The collective freaking out over BYOD, while justified, misses the larger point: The fight between agency IT departments and end users isn't over devices. It's over the applications on those devices.

Federal workers rely on a variety of applications, from calendars to task tracking to productivity suites, to do their jobs, but those applications might not be available on their government-issued devices.

It's not just agency business workers either. Even government IT professionals are trying to get access to mobile apps to help them do their jobs more effectively.

Love the app, hate the device

It's called "bring your own application," or BYOA. By addressing it, agency IT teams can avoid the security snarl posed by BYOD. More than just giving end users what they want in the form of a wider choice of mobile apps, delivering on the promise of BYOA can also offer IT departments far more security and stability in their operations, especially in the face of BYOD chaos.

From a purely functional standpoint, BYOA is the same as BYOD, except for the fact that application management is far easier to implement than device management, especially on an ever-growing scale that includes multiple versions of Windows Mobile, iOS and every flavor of Android imaginable. Keep in mind that BYOA doesn't mean every application will be given a green light. Instead, only those that have a measurable business use and can meet agency IT security criteria will be allowed.

BYOA, however, is easier said than done. How does an agency embrace customized mobile business apps while keeping rogue devices at bay? Some federal entities are already using one emerging strategy of an app store coupled with simultaneous control of the server-side applications to which the users' apps connect.

DIY enterprise applications

Agency app stores, similar to the General Services Administration's apps.USA.gov or the Defense Department's pending storefront, would feature agency-approved applications that are either created internally or, more likely, delivered by third-party providers for agency use. That allows for end-user customization while making agency IT professionals' lives that much easier, at least in theory.

With almost every BYOA client application on a mobile device, there will be a server-based, agency-monitored app that controls authentication and access to the data. That client/server relationship makes it easy to add layers of access control to specific apps, which are managed on the agency side via secure authentication and authorization technologies.

Go Web, young man

For agencies that are too concerned about security to readily engage bring your own anything, an alternative (maybe BYOA-Lite) could be the adoption of another emerging trend: mobile-friendly Web applications. Rather than focusing on client/server applications, agency IT professionals could begin directing users to secure, mobile-friendly portals for standardized apps, much like they already do for tasks such as email.

Personal devices would be treated like any non-standard device, and additional security layers could be added via a secure token or fob. That would eliminate a potential "app of the week" scenario while still giving agency IT teams continuous control over their app ecosystem.

Even in the private sector, BYOA adoption is very much in its infancy. But given the struggles that BYOD has brought about, agencies need to stop fighting over devices and start embracing a wider swath of mobile applications, and perhaps even solve a few additional IT headaches along the way.

About the Author

Sanjay Castelino is a vice president at SolarWinds, an IT management software provider based in Austin, Texas.

The Fed 100

Save the date for 28th annual Federal 100 Awards Gala.

Featured

  • computer network

    How Einstein changes the way government does business

    The Department of Commerce is revising its confidentiality agreement for statistical data survey respondents to reflect the fact that the Department of Homeland Security could see some of that data if it is captured by the Einstein system.

  • Defense Secretary Jim Mattis. Army photo by Monica King. Jan. 26, 2017.

    Mattis mulls consolidation in IT, cyber

    In a Feb. 17 memo, Defense Secretary Jim Mattis told senior leadership to establish teams to look for duplication across the armed services in business operations, including in IT and cybersecurity.

  • Image from Shutterstock.com

    DHS vague on rules for election aid, say states

    State election officials had more questions than answers after a Department of Homeland Security presentation on the designation of election systems as critical U.S. infrastructure.

  • Org Chart Stock Art - Shutterstock

    How the hiring freeze targets millennials

    The government desperately needs younger talent to replace an aging workforce, and experts say that a freeze on hiring doesn't help.

  • Shutterstock image: healthcare digital interface.

    VA moves ahead with homegrown scheduling IT

    The Department of Veterans Affairs will test an internally developed scheduling module at primary care sites nationwide to see if it's ready to service the entire agency.

  • Shutterstock images (honglouwawa & 0beron): Bitcoin image overlay replaced with a dollar sign on a hardware circuit.

    MGT Act poised for a comeback

    After missing in the last Congress, drafters of a bill to encourage cloud adoption are looking for a new plan.

Reader comments

Wed, Sep 11, 2013 Tom Ruff Reston , vs

Agree 100%. Most smart devices have adequate security at the device level. CXO 's need to be more concerned about security at the enterprise application level . Agencies need to look towards Cloud based solutions that allow mobile users to access applications behind the firewall ( Mobile authentication to enterprise application behind the firewall ( Mobile authentication as a service ) .

Mon, Sep 9, 2013 OccupyIT

Sometimes you just have to shake your head and cry. First, well said. Second, its sad how distracted our supposed IT leaders get chasing fads and fame that you have to remind them its the work that gets done that is what matters not the device or the technology on which it is enabled. What a cycle of sugar-induced mania we'll hopefully come down from. Mission-first?

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group