Mobile

Pentagon CIO points to in-phone security

Placeholder Image for Article Template

Pentagon CIO Teri Takai wants industry to find new ways of authenticating mobile users.

Defense Department CIO Teri Takai is urging industry to develop mobile devices that can be quickly certified by the Pentagon and that use derived credentials on users' phones in lieu of Common Access Cards.

"We're going to need to work with industry to make sure that as we look at derived credentials, as we look at a different way of authenticating, which we knew we were going to get to, that you are in fact investing in providing more and more security in that derived credential," Takai said at FedScoop's fourth annual MobileGov Summit on Feb. 27.

Derived credentials can be installed on devices via hardware such as microSD and SIM cards, instead of Common Access Cards, which rely on external readers.

Takai said DOD can't bank on having cutting-edge smartphones or tablet PCs given the current budget constraints and needs to have a secure mobile environment that isn't contingent on devices.

"The phone in and of itself and the security of the phone, as I say, is a start point, but now we're really talking about what are the structural changes that have to happen in the way we look at our data, in the way that we look at our applications, in the way we look at security," she said.

DOD's widespread use of apps further complicates security. Once a phone or operating system is certified for use, the preloaded apps also must be vetted. Ideally, agencies would include apps used by employees in their catalogues so updates and alterations to code could easily be accessed.

Tom Simmons, area vice president for Citrix Systems' U.S. Public Sector, said the best solution for securing data is hosting a virtualized app in a data center.

"Everything that goes on happens behind the firewall, and I'm seeing the results of that data," Simmons said. "But there's no data coming across the device. It's all just pictures."

About the Author

Reid Davenport is an FCW editorial fellow. Connect with him on Twitter: @ReidDavenport.

The Fed 100

Save the date for 28th annual Federal 100 Awards Gala.

Featured

  • Social network, census

    5 predictions for federal IT in 2017

    As the Trump team takes control, here's what the tech community can expect.

  • Rep. Gerald Connolly

    Connolly warns on workforce changes

    The ranking member of the House Oversight Committee's Government Operations panel warns that Congress will look to legislate changes to the federal workforce.

  • President Donald J. Trump delivers his inaugural address

    How will Trump lead on tech?

    The businessman turned reality star turned U.S. president clearly has mastered Twitter, but what will his administration mean for broader technology issues?

  • Login.gov moving ahead

    The bid to establish a single login for accessing government services is moving again on the last full day of the Obama presidency.

  • Shutterstock image (by Jirsak): customer care, relationship management, and leadership concept.

    Obama wraps up security clearance reforms

    In a last-minute executive order, President Obama institutes structural reforms to the security clearance process designed to create a more unified system across government agencies.

  • Shutterstock image: breached lock.

    What cyber can learn from counterterrorism

    The U.S. has to look at its experience in developing post-9/11 counterterrorism policies to inform efforts to formalize cybersecurity policies, says a senior official.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group