recommended reading

Pentagon Smartphone Plan Is Off to a Slow Start

Flickr user David B. Gleason

Three months after the Defense Department declared as operational its system for managing commercial off-the-shelf smartphones and tablets handling unclassified data, only about 2,000 devices are actually using the capability, the program’s manager said May 5. That’s a far cry from the 100,000 devices the Pentagon wants to have by the end of September.

“The world is passing us by,” said Gary Winkler, a former military technology chief. “Mobility is so critical and we just don’t seem to be going fast enough.” Winkler is a former program executive officer for Army Enterprise Information Systems.

The 2,000 devices now in use include many that have been transferred from an 18-month pilot of the mobility program, said John Hickey, mobility program manager at the Defense Information Systems Agency.

“Demand is not lacking,” Hickey said in an interview. But it is up to the military services and the combatant commands to set the pace for adopting mobile technology. “DISA’s role is to stand up the infrastructure and publish the security standards,” he said, noting that DISA has done that.

At the heart of the capability is a “mobile device management system” designed to keep Defense Department networks and information safe. The system sets and enforces policies for device use. For example, it can block the use of smartphone cameras in areas where photography is forbidden, Hickey said. And it can track devices through global positioning satellites and remotely turn them off if they enter places where they are forbidden for security reasons.

“That’s an advantage over laptops. Most laptops don’t have GPS,” Hickey said.

The management system also provides security functions such as malware detection, the ability to remotely delete data from misplaced or stolen phones and tablets, and the ability for managers to remotely reconfigure them.

With that infrastructure now in place, “the next phase is how do you move that forward into the tactical environment and the operational environment,” Hickey said during a conference sponsored by C4ISR & Networks in Alexandria, Va. “Partnering with the services and the combatant commands in that area, there’s still a lot of work to be done,” he said. 

Tom Suder, president and founder of Mobilegov, a company that provides mobility solutions to government agencies, said DISA has done a good job. “We wish it was faster, but it’s a complex solution. They put it together and it works.”

The Defense Department contends that mobile devices are a “disruptive technology” that can provide U.S. military personnel with a significant advantage over adversaries by providing them with the information they need whenever and wherever they are and on whatever device they are using. But many critics have argued that U.S. adversaries, such as insurgents in Afghanistan and Iraq, have relied on cellphones and other mobile gadgets to disrupt U.S. military operations for years.    

The information military leaders want to be able to convey through its mobility program ranges from weapons repair instructions beamed to a deployed mechanic’s tablet to fresh battlefield intelligence sent to smartphone-wielding soldiers on patrol.  

But the process of approving devices that the military is allowed to use and vetting applications to assure they are secure has proved enormously time consuming.

DISA has established an app store to provide approved software applications for mobile device users, but so far it offers only 16 apps, including the venerable Adobe Reader and Adobe’s 2008 Defense Connect Online, which enables Web conferences, virtual meetings and chat services.

“You will see in the future a lot more apps,” Hickey said. Indeed, thought is being given to turning “some of our Web services into mobile applications” so that they could “move forward to support tactical operations,” he said. That could make mobile devices much more useful “at the tactical edge.”

While the unclassified mobility capability is officially operational, problems remain to be solved. One is identification. Cumbersome common access cards have been ruled out as impractical for mobile devices in tactical settings, but workable alternatives are elusive. DISA and others are working to develop “derived credentials” that provide CAC-like authentication, but are stored inside the mobile device, Hickey said. But ensuring that they are foolproof is a problem.

Meanwhile, mobile device users have encountered more mundane challenges. Marines who tested mobile devices during exercises discovered that when devices were ruggedized to withstand battlefield abuse, they also became heavier and burdensome. Carrying batteries to last 96 hours or more also created weight problems, said Col. Matthew Seiber, director of command and control integration at the Marine Corps Combat Development Command.

The range of wireless routers “were much reduced in the tactical environment,” he said. And “moving seamlessly from one network to another was quite challenging.”

Here’s an unexpected glitch troops encountered operating at night: “If you’re in the dark -- complete darkness -- and you turn a tablet on, even at its lowest illumination, it’s pretty dang bright,” Seiber said. “These things are easy to fix, but until you experiment with them, you don’t realize” what the problems are going to be.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security


When you download a report, your information may be shared with the underwriters of that document.