Feds talk app stores

What’s a smartphone without apps to run on it?

A phone.

And app vetting and federal app marketplaces garnered a lot more attention than the devices that power them during discussions at the Advanced Technology Academic Research Center’s (ATARC) Mobile Computing Summit on Aug. 12.

We’re still in the early stages of a “new civilization” when it comes to mobile federal options, said Homeland Security Department system development guru Rob Palmer.

“There’s just not a whole lot of unexplored territory at this point,” he noted, saying mobile issues have been talked to death. And yet, a huge gap remains because the federal government is still wrestling with how to properly vet apps, and then get them onto smartphones, tablets and other devices.

“It’s the applications that make the device useful,” Palmer noted.

The National Geospatial-Intelligence Agency’s Shana Simmons touted NGA’s option: IGAPP, or the Innovative Geoint App Provider Program.

Operating on a “commercial” model, IGAPP is an app store that pays developers by the download.

“People aren’t just building an app to fulfill a requirement,” she noted. “They’re building great apps because they know they won’t get paid unless they get downloads.”

How much? That’s the subject of negotiations.

“A lot of people ask that question, ‘Is that like a 99-cent app or is my agency going to have to pay for it?’” Simmons noted.

One of the keys to IGAPP is openness, she added.

Developers can contribute apps for both iOS and Android platforms, and they’re not constrained to using NGA data for their apps. The goal, Simmons said, is to bring innovative apps to customers safely and effectively, acknowledging the advantages of the private sector.

“We’re not in the business of building apps,” Simmons noted. “Industry can do that better than government. We’re providing data.”

So far, the store (which launched in May) has a relative handful of apps, with six more in the pipeline, Simmons said.

What about the possibility of a Federal Risk and Authorization Management Program (FedRAMP)-style structure for vetting mobile apps?

That question prompted a loud groan from the Defense Department’s mobility program manager, Kimberly Rice.

“FedRAMP, the objectives were good,” responded Lon Gowen, chief technologist at USAID.

“For mobile app vetting, I think the best approach is kind of a distributed approach,” he added, calling for agencies to vet apps on their own, then share the results of each vetting process.

Agencies can coordinate in this fashion, but robust independence is key. “It doesn’t mean every agency has the same criteria,” Gowen said.

Palmer and DHS colleague Vincent Sritapan noted that app vetting is not a one-time deal, but a continuous process.

The discussion is important, but it’s not brand-new.

ATARC President Tom Suder pointed to a 2011 article in which “someone” (“Alright, it was me,” Suder admitted) touted the potential role of government-sponsored app stores and the idea of “FedRAMP for mobile.”

The importance of the discussion has only grown since then, he said.

“In 2011, you were still on BlackBerries,” Suder told the audience of feds and contractors. “You weren’t too concerned about mobile apps.”