Agencies dream of commercial app stores

Federal agencies have spun up plenty of their own stores for mobile apps, but the ultimate fantasy is letting the existing commercial marketplaces -- specifically iTunes and Google Play -- handle the heavy lifting.

Could feds be downloading preapproved apps from iTunes within a couple years?

"I don't even think with research I could get that in two years," said Vincent Sritapan, a program manager in the Department of Homeland Security's Science and Technology Directorate. "That's aggressive."

Sritapan, who made the comments at the Advanced Technology Academic Research Center's Federal Mobile Computing Summit on April 6, amended his prediction to account for strong buy-in from vendors.

"I think it can be doable, even before two years," he said, as long as vendors maintain their tools rigorously and "vet them continually, forever."

His comments came on the heels of DHS issuing privacy guidelines for mobile apps.

"In our dream world, obviously, the commercially available app stores would do this for free, would do exactly what we're paying to do across government right now," said Jeff Blank, a technical director in the National Security Agency's Information Assurance Division.

The problem of keeping apps vetted persists whether they're hosted on a commercial or federal app store.

"We have to have a way to vet these very dynamically," said Rob Palmer, deputy chief technology officer in DHS' Enterprise System Development Office. A three-month review process for each app update won't cut it, he added.

Downloading preapproved apps from commercial stores is probably the way to go, he added.

"It almost has to work like that," Palmer said. "[When] a mission operator needs a particular capability at a certain time, they should be able to, in this environment, get to that capability very quickly, without extensive processes, and that's the top line I think, that we're trying to get to."

As far as keeping apps approved in the face of continuous updates, some of which might introduce security vulnerabilities, the feds said that's comes with the territory.

Blank said he's generally in favor of "permitting updates but keeping a watchful eye" on their content.

For Palmer, the question is about risk management: "How do we accept just enough risk to make our people productive?"

About the Author

Zach Noble is a former FCW staff writer.


  • Veterans Affairs
    Blue Signage and logo of the U.S. Department of Veterans Affairs

    VA health record go-live pushed back to July

    The Department of Veterans Affairs is delaying a planned initial deployment of its $16 billion electronic health record project by four months, but is promising added functionality at the go-live date.

  • Workforce
    The Pentagon (Photo by Ivan Cholakov / Shutterstock)

    Esper says he didn't seek the authority to gut DOD unions

    Defense Secretary Mark Esper told lawmakers he was waiting for a staff analysis of a recent presidential memo before deciding whether to leverage new authority.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.