Mobile

Pentagon CIO points to in-phone security

Placeholder Image for Article Template

Pentagon CIO Teri Takai wants industry to find new ways of authenticating mobile users.

Defense Department CIO Teri Takai is urging industry to develop mobile devices that can be quickly certified by the Pentagon and that use derived credentials on users' phones in lieu of Common Access Cards.

"We're going to need to work with industry to make sure that as we look at derived credentials, as we look at a different way of authenticating, which we knew we were going to get to, that you are in fact investing in providing more and more security in that derived credential," Takai said at FedScoop's fourth annual MobileGov Summit on Feb. 27.

Derived credentials can be installed on devices via hardware such as microSD and SIM cards, instead of Common Access Cards, which rely on external readers.

Takai said DOD can't bank on having cutting-edge smartphones or tablet PCs given the current budget constraints and needs to have a secure mobile environment that isn't contingent on devices.

"The phone in and of itself and the security of the phone, as I say, is a start point, but now we're really talking about what are the structural changes that have to happen in the way we look at our data, in the way that we look at our applications, in the way we look at security," she said.

DOD's widespread use of apps further complicates security. Once a phone or operating system is certified for use, the preloaded apps also must be vetted. Ideally, agencies would include apps used by employees in their catalogues so updates and alterations to code could easily be accessed.

Tom Simmons, area vice president for Citrix Systems' U.S. Public Sector, said the best solution for securing data is hosting a virtualized app in a data center.

"Everything that goes on happens behind the firewall, and I'm seeing the results of that data," Simmons said. "But there's no data coming across the device. It's all just pictures."

About the Author

Reid Davenport is a former FCW editorial fellow. Connect with him on Twitter: @ReidDavenport.

Featured

  • Defense
    The U.S. Army Corps of Engineers and the National Geospatial-Intelligence Agency (NGA) reveal concept renderings for the Next NGA West (N2W) campus from the design-build team McCarthy HITT winning proposal. The entirety of the campus is anticipated to be operational in 2025.

    How NGA is tackling interoperability challenges

    Mark Munsell, the National Geospatial-Intelligence Agency’s CTO, talks about talent shortages and how the agency is working to get more unclassified data.

  • Veterans Affairs
    Veterans Affairs CIO Jim Gfrerer speaks at an Oct. 10 FCW event (Photo credit: Troy K. Schneider)

    VA's pivot to agile

    With 10 months on the job, Veterans Affairs CIO Jim Gfrerer is pushing his organization toward a culture of constant delivery.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.