Mobile

Pentagon CIO points to in-phone security

Placeholder Image for Article Template

Pentagon CIO Teri Takai wants industry to find new ways of authenticating mobile users.

Defense Department CIO Teri Takai is urging industry to develop mobile devices that can be quickly certified by the Pentagon and that use derived credentials on users' phones in lieu of Common Access Cards.

"We're going to need to work with industry to make sure that as we look at derived credentials, as we look at a different way of authenticating, which we knew we were going to get to, that you are in fact investing in providing more and more security in that derived credential," Takai said at FedScoop's fourth annual MobileGov Summit on Feb. 27.

Derived credentials can be installed on devices via hardware such as microSD and SIM cards, instead of Common Access Cards, which rely on external readers.

Takai said DOD can't bank on having cutting-edge smartphones or tablet PCs given the current budget constraints and needs to have a secure mobile environment that isn't contingent on devices.

"The phone in and of itself and the security of the phone, as I say, is a start point, but now we're really talking about what are the structural changes that have to happen in the way we look at our data, in the way that we look at our applications, in the way we look at security," she said.

DOD's widespread use of apps further complicates security. Once a phone or operating system is certified for use, the preloaded apps also must be vetted. Ideally, agencies would include apps used by employees in their catalogues so updates and alterations to code could easily be accessed.

Tom Simmons, area vice president for Citrix Systems' U.S. Public Sector, said the best solution for securing data is hosting a virtualized app in a data center.

"Everything that goes on happens behind the firewall, and I'm seeing the results of that data," Simmons said. "But there's no data coming across the device. It's all just pictures."

About the Author

Reid Davenport is an FCW editorial fellow. Connect with him on Twitter: @ReidDavenport.

Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.