Mobile

Pentagon CIO points to in-phone security

Placeholder Image for Article Template

Pentagon CIO Teri Takai wants industry to find new ways of authenticating mobile users.

Defense Department CIO Teri Takai is urging industry to develop mobile devices that can be quickly certified by the Pentagon and that use derived credentials on users' phones in lieu of Common Access Cards.

"We're going to need to work with industry to make sure that as we look at derived credentials, as we look at a different way of authenticating, which we knew we were going to get to, that you are in fact investing in providing more and more security in that derived credential," Takai said at FedScoop's fourth annual MobileGov Summit on Feb. 27.

Derived credentials can be installed on devices via hardware such as microSD and SIM cards, instead of Common Access Cards, which rely on external readers.

Takai said DOD can't bank on having cutting-edge smartphones or tablet PCs given the current budget constraints and needs to have a secure mobile environment that isn't contingent on devices.

"The phone in and of itself and the security of the phone, as I say, is a start point, but now we're really talking about what are the structural changes that have to happen in the way we look at our data, in the way that we look at our applications, in the way we look at security," she said.

DOD's widespread use of apps further complicates security. Once a phone or operating system is certified for use, the preloaded apps also must be vetted. Ideally, agencies would include apps used by employees in their catalogues so updates and alterations to code could easily be accessed.

Tom Simmons, area vice president for Citrix Systems' U.S. Public Sector, said the best solution for securing data is hosting a virtualized app in a data center.

"Everything that goes on happens behind the firewall, and I'm seeing the results of that data," Simmons said. "But there's no data coming across the device. It's all just pictures."

About the Author

Reid Davenport is an FCW editorial fellow. Connect with him on Twitter: @ReidDavenport.

Featured

  • Cybersecurity
    Shutterstock photo id 669226093 By Gorodenkoff

    The disinformation game

    The federal government is poised to bring new tools and strategies to bear in the fight against foreign-backed online disinformation campaigns, but how and when they choose to act could have ramifications on the U.S. political ecosystem.

  • FCW PERSPECTIVES
    sensor network (agsandrew/Shutterstock.com)

    Are agencies really ready for EIS?

    The telecom contract has the potential to reinvent IT infrastructure, but finding the bandwidth to take full advantage could prove difficult.

  • People
    Dave Powner, GAO

    Dave Powner audits the state of federal IT

    The GAO director of information technology issues is leaving government after 16 years. On his way out the door, Dave Powner details how far govtech has come in the past two decades and flags the most critical issues he sees facing federal IT leaders.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.