Air Force wants to link iPads with SIPRNET
- By Sean Lyngaas
- May 03, 2016
Air Force CTO Frank Konieczny wants to connect some of the service's 30,000 iPads to the Defense Department's classified network but not before they pass security tests to keep new vulnerabilities from being introduced to Air Force networks.
As of now, the iPads do not even connect to DOD's unclassified network, known as NIPRNet, he said.
"One of the concerns that we have is that we want to make sure that the e-books...on the iPads can actually be accessed from the flight line in a certain way that they can have interconnectivity back and forth with the logistic centers," he said in a May 3 interview.
The iPads is obviously not a new technology, and the Air Force has been using the device since at least 2012. But recent advances in mobile device security and the ability to compartmentalize information have made it possible to further integrate iPads into Air Force networks, Konieczny said. He spoke with FCW after his appearance at a conference in Washington hosted by FedScoop.
An iPad's electronic transmissions could pose a risk to sensitive aircraft equipment, he said. On the other hand, the ability to access unclassified and classified networks from their iPads could give Air Force personnel valuable data at their fingertips.
The Air Force's IT governance body will review a proposed trial deployment of iPads on NIPRNet in the coming weeks, Konieczny said, adding that the pilot project could be underway this summer or fall.
The service is perhaps a year away from connecting some of its iPads to the classified SIPRNet because that access will require more testing, he said. The goal is to reduce a device's functionality to one mode on SIPRNet, such as using a bar code reader for identification, he said. The more functions enabled on a device, the more potential attack vectors for hackers.
Konieczny also has his eye on the Internet of Things, a catchall term for any device with an internet connection. He said he wants the Air Force to catalog as many of the service's internet-connected devices as possible. If a device isn't in the catalog and is broadcasting suspicious information from a military base, for example, officials would know not to trust the device, he said.
Industrial control systems are already on officials' radar as having IoT vulnerabilities, Konieczny said, but there are many other devices, such as temperature sensors, that also deserve scrutiny.
Sean Lyngaas is a former FCW staff writer.