recommended reading

DISA seeks app store, device management


The Defense Information Systems Agency formally posted a solicitation Monday for a mobile device management system and enterprise mobile application store that will support up to 260,000 devices.

The device management system and app store ultimately could be expanded to support the entire Defense Department, DISA said.

Other agencies, including NASA, have experimented with internal app stores, but a Defense-wide app store would dwarf any previous efforts. The agency has been preparing to post the MDM solicitation since early this summer when Defense released its mobile strategy.

The device management system is aimed at ensuring adherence to top-down security requirements for smartphones and tablets operating on the DISA network and should allow agency technology managers to “deliver, update and delete” applications on employees’ mobile devices “without the mobile device user having to return the device for service,” the solicitation said.

Security officials also must be able to remotely wipe devices they think might have been lost or compromised by hackers, the solicitation said.

“Because the current market landscape is still maturing from a security and architecture perspective,” DISA said, “the critical requirements provided for this MDM-MAS acquisition are short term and are limited in scope to provide the government the flexibility to adjust with evolving solutions.”

DISA also wants to use the MDM to distribute applications to users’ mobile phones and tablets from a private application store and eyes deploying the software across the entire Defense Department.

MDM vendors, such as Airwatch, tapped to support the Veterans Affairs Department’s mobile apps store deployment last month, typically charge between $3 and $4 per month per client.

This means DISA’s planned initial deployment of MDM supports 260,000 users will run between $780,000 and $1,040,000 per month, or as much as $12 million a year. Airwatch offers cloud hosting, but if DISA opts to host the service internally, maintenance and support charges could run 20 percent per year.

Alan Dabbiere, chairman of Airwatch, said DISA should not expect to pay rate sheet prices for MDM clients, software and services and promised a “substantial” discount for large-scale deployment, but did not specify the size of the discount.

Warren Suss, president of Suss Consulting, said large-scale MDM deployments “will not be cheap” but using commercial software to manage commercial hardware will save Defense the development and maintenance costs for systems unique to the military.

Suss predicted that eventually all 1.4 million military personnel and 800,000 civilian employees could be equipped with smartphones or tablets managed by MDM, though the process could take years.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.


When you download a report, your information may be shared with the underwriters of that document.