recommended reading

Agency-owned PCs could soon be relics of a bygone era

Michael Biehler/Shutterstock.com

Veterans Affairs Department Chief Information Officer Roger Baker predicts that within five or six years VA will no longer furnish employees with computers. Instead, they will use the devices they own to connect to department networks.

He also believes the department has awarded its last desktop PC contract, a $476.6 million deal for up to 600,000 desktops awarded to Dell in April 2011. Baker made the remarks in a call with reporters Thursday.

He would like to see VA get out of the business of provisioning its roughly 300,00 employees with hardware to access VA networks and said he backed a departmentwide policy allowing employees to bring their own devices to the job.

Asked how the department would manage the financial aspect of a policy that would have employees buy their own hardware, Baker said, “That’s a [human resources] issue.”

Last October VA kicked off a test of 1,000 department-supplied Apple iPad tablet computers on its networks. Baker said security stands out as the key issue for the use of tablets and smartphones, whether they are supplied by the department or owned by employees.

IT will take a “massive investment” to ensure veteran data is protected before VA can proceed with a widespread BYOD plan, Baker said. He did not specify how much VA will need to spend on mobile device security.

VA and its employees also would have to ensure that personal applications are free of viruses and malware before they are connected to the department computer systems.

Baker also warned that any VA employee who uses Apple hardware that has been “jailbreaked” -- modified so the user gains root access to the operating system -- faces harsh consequences. Any such hardware connected to VA networks, would have its software completely and automatically wiped, Baker said.

Baker’s endorsement of a BYOD policy fits with a similar approach planned by the Defense Department in its mobile device strategy released last week. That strategy said, “DoD must continue to explore the efficiencies associated with the use of personally-owned mobile devices and potential security risks posed by such devices. “

The Defense Department “must define acceptable use of personally-owned mobile devices and acceptable personal use of DoD-owned devices where applicable,” the strategy said.

Baker said he would like to work with Defense CIO Teresa Takai on developing mobile strategies and policies.

(Image via Michael Biehler /Shutterstock.com)

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

    Download
  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

    Download
  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

    Download
  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security

    Download
  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

    Download

When you download a report, your information may be shared with the underwriters of that document.