Mobile

Pentagon CIO points to in-phone security

Placeholder Image for Article Template

Pentagon CIO Teri Takai wants industry to find new ways of authenticating mobile users.

Defense Department CIO Teri Takai is urging industry to develop mobile devices that can be quickly certified by the Pentagon and that use derived credentials on users' phones in lieu of Common Access Cards.

"We're going to need to work with industry to make sure that as we look at derived credentials, as we look at a different way of authenticating, which we knew we were going to get to, that you are in fact investing in providing more and more security in that derived credential," Takai said at FedScoop's fourth annual MobileGov Summit on Feb. 27.

Derived credentials can be installed on devices via hardware such as microSD and SIM cards, instead of Common Access Cards, which rely on external readers.

Takai said DOD can't bank on having cutting-edge smartphones or tablet PCs given the current budget constraints and needs to have a secure mobile environment that isn't contingent on devices.

"The phone in and of itself and the security of the phone, as I say, is a start point, but now we're really talking about what are the structural changes that have to happen in the way we look at our data, in the way that we look at our applications, in the way we look at security," she said.

DOD's widespread use of apps further complicates security. Once a phone or operating system is certified for use, the preloaded apps also must be vetted. Ideally, agencies would include apps used by employees in their catalogues so updates and alterations to code could easily be accessed.

Tom Simmons, area vice president for Citrix Systems' U.S. Public Sector, said the best solution for securing data is hosting a virtualized app in a data center.

"Everything that goes on happens behind the firewall, and I'm seeing the results of that data," Simmons said. "But there's no data coming across the device. It's all just pictures."

About the Author

Reid Davenport is an FCW editorial fellow. Connect with him on Twitter: @ReidDavenport.

Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.