Secure devices, virtualized mobile solutions and the Internet of Things will be at the top of mind for government IT managers.
For many government IT managers, "mobility" has gone from a buzzword to a business imperative. An increasingly mobile workforce, increasing security concerns and the consumerization of the enterprise present challenges agencies barely imagined five years ago. And the pace of change shows no sign of slowing in 2014. In fact, there are some imminent developments which could take mobility new directions.
That means mobile solutions (and associated hardware and systems) will have more of an impact than ever over the next year or so. Here are some of the significant issues we see on the horizon.
Security of mobile devices
Some government CIOs initially supported the bring-your-own-device movement while balancing end-user demands, agency risk and service management disciplines. But this approach risks exposing government business operations, confidential corporate data and individuals’ private information to what may be marginally secure mobile devices. Solutions include:
Guest networks that allow mobile devices to reach the Internet, but little else. From there, access can be expanded once devices meet specific criteria.
- App stores that can manage installation and updates of applications. But since agencies can't assure application compatibility for multiple types of devices, this may slow the expansion of these stores.
Meanwhile, the next frontier of mobile devices will further complicate these problems, including Google Glass, HTML5-capable tablets and special modules, which use a variety of run-time environments.
All of this, in concert, is pushing the federal government to move toward a FedRAMP-style assessment and certification process, which could help agencies choose from a broad list of mobile devices that have been tested for compatibility for their specific needs. Federal CIO Steven VanRoekel has stated that mobile devices could indeed be the next focus of this type of effort.
Virtualized mobile solutions
We have seen a growing interest in virtualized mobile solutions — but so far we have not seen this approach executed in a broad way. There are many virtualized solutions that can be used to create a “virtual corporate device” can offer enhanced security, management capabilities and push-button activation. The fledgling interest indicates that this could be a growth area within a year.
- Mobile hypervisors that separate corporate and personal workspaces by creating multiple instances of the mobile OS on a single server. This allows separate security, applications and device management services for each device, if needed.
- Software-based solutions that create corporate containers on BYOD devices have also emerged, turning a personal device into a work device with a level of enterprise security. This technology has the potential to limit the device's “agency-approved container” to a specific set of applications and data sources, essentially letting employees keep their government business in the cloud, and their private business on their devices.
Android OS is ahead in this space right now. But if Windows phones continue to grow (the growth has been disappointing to some) they could become a key player.
Internet of Things
The so-called Internet of Things also is greatly boosting mobile use because many of the connected devices will require a mobile connection.
The IOT taps the existing Internet of people and places to provide value through continuous data and updates. The IOT’s data streams will come from sensors in roads, bridges, parking spaces, buses and subway cars as well as networked street or traffic lights, garbage bins, HVAC systems, building lights and other systems and other building systems.
There's also a growing amount of location-related content supporting the IOT, including security video, mobile apps and more, related to situational awareness.
IDC estimates that worldwide government spending on the IOT will be $1.2 trillion by 2017. In fact, public-sector organizations are expected to be one of the leading industries in IOT growth rates, with a compound annual growth rate (CAGR) of 10.6 percent from 2013 to 2017.
This growth will continue to have a measurable impact on data volumes, storage and infrastructure-as-a-service (IaaS) discussions.
The IOT will deliver high value in areas like defense and public safety, environmental and disaster monitoring/ detection, energy efficiency and transportation. But government agencies need to plan for this growth. Expanding into the cloud to deal with the data (and management of that data) from these new solutions is the most likely course of action.
Checklist for IT managers
IT managers who need to make decisions on mobility should make themselves a checklist of deliverables that they need to address.
- Move toward device standardization when possible and take advantage of any kind of FedRAMP-type program mobile solutions that may be developed.
- Investigate the use of virtual desktops to promote long-term device agnosticism and to limit demands for end-user support.
- Decide how authentication will work for mobile connections. Software-based certification is probably sufficient for most services. Companies such as Amazon Web Services and Checkpoint offer authentication gateways hosted in the cloud. Agencies that need higher security can invest in hardware based tokens, such as those offered by RSA.
- Research bandwidth availability in areas where mobile devices will be used most often. Look into the availability of both 4G and Wi-Fi support and make sure signals and bandwidth are enough to support adequate throughput for most work.
- Develop business continuity and redundancy plans for mobile devices the same way COOP plans are made for regular IT operations. Check into the availability of back-up devices, alternate connection paths and data backups in the cloud.
- Train the mobile workforce. Some employees may need special training to use mobile devices that have unique security features.
- Conduct additional testing when mobile devices become common access points for back-end databases and servers. Application security needs and FISMA compliance don't stop because a device has left the office.