recommended reading

Security concerns suppress Pentagon's appetite for wireless devices

The U.S. military wants to go wireless. It wants handheld devices to replace desktop computers, it wants information available for troops "anywhere, on any device anytime," it wants employees to telework, and it wants to do this all with commercial products.

But it also wants security. And for now, the lack of military-grade security for smart phones, iPads, tablets and other mobile devices is the biggest impediment to a wholehearted embrace of mobile computing, military officials told a gathering of technology vendors Thursday.

"Security -- I can't stress that enough," said Robert Carey, the Defense Department's deputy chief information officer. And today, the security provided in commercially available mobile devices simply doesn't meet military requirements, he said. That's why the military limits the use of many mobile devices, such as Apple iPads, and services such as social networking.

"Operational security comes first," Carey said.

When Marine Corps pilots wanted to load digital maps into iPads and Kindle devices so they could get rid of bulky briefcases full of paper maps, the Corps said no, Brig. Gen. Kevin Nally, the Corps' CIO, recalled.

The pilots pushed back, demonstrating how they could Velcro the devices to their thighs for quicker, easier access to maps in flight. The Corps finally relented, but forbade connecting the devices to aircraft communications networks -- for security reasons, Nally explained.

Before they're approved for use by the military, smart phones and other mobile computers must undergo testing for security and win approval from the National Security Agency. That can take up to 18 months, by which time some of the devices might be obsolete, military officials said.

There signs that the military is making an effort to adapt to commercial technology standards. "We have moved away from saying 'Hell, no,' to just saying 'no,' " said Troy Lange, chief of the cryptographic products engineering office at the NSA. But "we really have to move to the culture of saying 'How?' "

The reason is clear to military members who want to use new technology.

"Technology is moving so fast. We used to drive the train, but now that train's driving us and we're just trying to hang on," said Col. Scott Moser, CIO of the Army National Guard.

"In five years, the desktop will be a dinosaur," he said. But it's not clear yet that the military will be comfortable securitywise with whatever replaces it.

The military services need industry's help, Moser and other Defense speakers told technology company representatives at the Armed Forces Electronics and Communications Association's Next-Gen Mobile Technologies Symposium.

But the Pentagon is a demanding customer. For example, it wants mobile computing devices that will accommodate Common Access Cards, employ NSA-level data encryption and provide other security measures.

Industry representatives say the military might be asking for too much. Big as it is, the Defense Department is a relatively small customer compared to the vast sea of ordinary consumers in the marketplace for smart phones, handheld computers and similar devices. The military simply doesn't have the buying power to demand significant changes in commercially produced devices, vendors said.

Beyond that, protracted defense procurement process -- it can take 81 months for the Pentagon to decide what it wants and then complete the procedures to buy it -- is ill-suited to technology that refreshes every six to 18 months, they said.

"We would love to help you out," a company official said. But if the military wants handheld devices that include, say, a Common Access Card reader, Defense must commit to buying a certain number of the devices, and so far that's not happening. Without guarantees of sales volume, it's not economical for companies to build card readers into mass-produced devices because mass market consumers don't want them, he said.

The technology impasse goes beyond military security demands. Some companies have refused to share proprietary information about their operating systems -- information the military needs to determine how the security measures it wants might be included in the technology the companies produce.

In other instances, commercial device operating systems change so fast that by the time the military devises a security solution to a particular system, the system is obsolete and has been abandoned by device makers, an Army official said.

Defense is trying to speed testing of commercial products to address that problem. It also is consulting with other large technology customers that need more secure technology, such as the banking, transportation and aviation industries, according to one department official. Working together, the military and the industries plan to develop a larger, more attractive market for technology companies, he said.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

    Download
  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

    Download
  • Effective Ransomware Response

    This whitepaper provides an overview and understanding of ransomware and how to successfully combat it.

    Download
  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

    Download
  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.

    Download

When you download a report, your information may be shared with the underwriters of that document.