FCW Insider

Blog archive

BYOD: Bring Your Own Disaster?

hammer

The government's tool for re-securing a compromised iPhone.

Q: What's the government process for wiping an iPhone after a security leak?

A: Pound it with a hammer.

Managing mobile devices and their risks, instituting security measures on par with more traditional desktops and laptops, determining what tool to use when things go wrong – these are all commonly cited hurdles to BYOD in federal agencies. But there are so many others that accompany those concerns that it sometimes becomes difficult to imagine it's actually going to happen.

Of course, it's happening already, on a certain level. There are pilot programs. There are options, such as bolting $200 Common Access Card "sleds" onto the device for authentication purposes so Defense Department employees can take their smart phones to work.

But neither of those is the true BYOD policy that personnel in the digital era want: the freedom to use one familiar device to do it all, work and personal, without worries about "leakage" or having all your vacation photos smashed into oblivion.

"If you look at it from a financial standpoint, sure, it's the cost of the device," said Maj. Linus Barloon, chief of cyber operations division in the J3 directorate and cyberspace officer in the Air Force's White House Communications Agency. "But when you look at the man-hours associated with cleaning up a spill for a regular device, and now toss in a smart device – it's just easier to stay away from bring-your-own-device, issue the user one of your own devices such that you can [install] the governmental controls."

It is not just the devices, either. The data itself and the policies that govern BYOD present just as much, if not more, of a problem, officials said July 24 at MeriTalk's cybersecurity brainstorm event in Washington. The discussion there represented a snapshot of a conversation that is playing out across agencies and departments.

"There are more implications to BYOD than to cybersecurity," said Joe Johnson, managed mobility program manager at the General Services Administration. "Some of that has to do with legal, some of that has to do with employee unions – who pays for the devices, are they getting reimbursed? What are the legal implications of data that could be lost? It's a Pandora's box that I don't think anybody has really figured out yet. It's probably easier to think of BYOD from a security policy point of view than it is with the broader policy implications that extend beyond security policy itself."

Posted by Amber Corrin on Jul 26, 2013 at 1:28 PM


Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.