Agencies going mobile must balance users' expectations with security and operational imperatives, industry experts say.
Properly deploying and managing mobile devices is a challenge faced by both private- and public-sector organizations. But government has a host of other considerations, including security and identity management.
As more branches of the government deploy smart phones and tablet computers to their personnel, all of these various factors must be weighed to avoid costly mistakes, said members of a panel of industry experts Dec. 7 at the Government Mobility Forum in Washington, D.C.
A successful mobile deployment is a balancing act between consumer expectations and security, said Jay Barbour, security adviser with Research in Motion. He added that if information security is bolted onto a mobile system as an afterthought, it will lead to trouble.
What organizations must consider is whether devices are scalable and/or manageable, Barbour said. He added that agencies need to think about which needs their mobility program must meet: keeping customers happy or meeting the organization’s operational goals.
In setting up a mobile network, the real value to agencies is in developing services around mobility, Barbour said. These services and applications must be able to connect to back-office systems and servers. However, if organizations don't take care in how access is granted, it will create security holes, he said.
Those security needs must be met because the government has a specific and unique set of guidelines for information technology, said Gary Schluckbier, director of Motorola’s Secure Product Group. For information security purposes, organizations need to protect intellectual property and sensitive government documents.
But mobility is different from traditional IT and physical security in that, at best, a typical smart phone is unprotected. “Your antenna is actively touching enemy-occupied territory,” he said.
Security is an important consideration because more malware and viruses are being directed at the mobile sector. Citing a recent study by McAfee, Schluckbier said that there were 75 million pieces of individual mobile malware detected in the last quarter — a 40 percent increase.
Handheld devices are different from desktops, laptops and notebooks, and there is a need to protect mobile platforms from a variety of threats, Schluckbier said. Remedying this is a challenge for government because, in the commercial world, there is a business motivation for devices to be as open and modifiable as possible. But in the government sector, if a device is compromised, the entire network is suspect, he said.