By William Matthews
June 3, 2014
When the Marine Corps decided to look outside the Defense Department for secure mobile communication services last year there was really just one reason: cost. And now it seems that the Marines may have discovered a bargain.
Verizon charges commercial customers $3.95 per month per user for mobile device management services under an agreement where each user may use up to 10 different smartphones, tablets or other mobile devices for that fee, said Mike Zirkle, an associate director for public sector marketing at Verizon Enterprise Solutions.
In contrast, the Defense Information Systems Agency charges users $7.36 per month per device for unclassified service and $126.63 per month per device for access to classified military networks.
Zirkle said Verizon’s pricing is based on “a very different model. As far as I’m aware, we’re the only ones who charge by the user” and not by the device. It is common for people to operate two or more devices -- for example, a smartphone, tablet and laptop, Zirkle said, noting that many professionals want to be able to use all of them for business, or in the Marines’ case, for military purposes.
Verizon’s mobile device management system (the company calls it a “mobile workforce management” system) is undergoing several months of testing by the Marine Corps to see whether it is secure enough for Marines to use it to gain access to unclassified military networks in the United States.
The Marine Corps is also testing similar mobile device management services offered by AT&T, and a different secure mobile solution from Sprint.
AT&T would not disclose its prices, but when told of Verizon’s, a company spokesman said AT&T is offering the Marines “a competitive price.” However, reports from 2012 put AT&T’s service at $6.50 per month per device plus additional fees.
Sprint did not respond to requests for information about its pricing or its secure mobile phones. The Marine Corps describes Sprint’s phones as “multi-personality type 1 hypervisor commercial mobile devices.”
DISA’s website lists the monthly charges for MDM service -- $7.36 for access to unclassified networks and $126.63 for classified access -- and says there is an additional 2 percent contract service fee. DISA also charges $39.22 a year per user for DoD Enterprise Email. Agency officials have not provided additional information despite repeated requests from Nextgov.
That’s not the whole cost of mobile communication. Defense agencies and branches of the military that opt for DISA, Verizon or AT&T services also must buy their own voice and data services and their own mobile devices.
Secure and affordable mobile services are hot commodities for government agencies and private companies alike. The goal is to make vital and often sensitive information available to employees and troops whenever they need it anywhere in the world.
But the Defense Department is particularly concerned about information security. For that reason, military mobile communication has been monopolized for years by BlackBerry, which is reputed for superior security. But the military, like business, wants options. DISA developed its MDM system so that beginning Jan. 31, certain Apple iPhones and iPads and Samsung smartphones and tablets can also be used to access unclassified military networks.
To keep data safe, DISA’s MDM system “institutes policies, security and permissions” that determine what can and cannot be done with a particular mobile device. For example, cameras and Bluetooth connectivity may be automatically turned off and browsers, social networks and applications may be restricted. MDM ensures that those rules are followed.
It also detects malware, enables distribution of approved software, permits remote device configuration and enables sensitive data to be deleted remotely if the device is lost or stolen, DISA says.
Verizon’s mobile workforce management system works in a similar way, and Zirkle described it as “extremely” secure.
But the Marine Corps’ Rob Anderson said it is too soon to say that the system is secure enough for military use. “We are running penetration testing on the solutions to ensure the technology and the management of the containers meets or exceeds our security requirements. If they do not meet our security requirements we will not put them on the network,” he said. Anderson heads the Vision and Strategy Division of the Marine Corps Command, Control, Communications, and Computers Department.
Verizon and AT&T device managers were designed so that companies could let employees use their personal devices for business purposes and still keep sensitive business information secure.
The Marine Corps hopes the commercial services will prove secure enough for Marines also “to gain access to their USMC.mil data with their own personal devices,” Anderson said. That would allow the Corps to greatly expand its use of mobile devices. Otherwise substantial expansion would be too costly.
That’s a drawback for DISA. “At this time DISA does not have the ability to manage personally owned devices,” Anderson said. “And their current MDM solution does not guarantee the Fourth and Fifth Amendment rights of the individual can be protected.”
That means “there is not currently the guarantee that personal information” on personally-owned smartphones and tablets “can be kept private and inaccessible” from MDM operators, bosses and others, a Marine Corps spokesman explained. A guarantee of privacy “is an essential requirement of any solution we'd arrive at,” he added.
The Fourth Amendment states that “the right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated.”
The Fifth Amendment, among other things, prohibits compelling an individual to testify against himself, and it prohibits depriving individuals of “life, liberty or property without due process of law.”
The Marine Corps is examining mobile communications options beside Verizon, AT&T and Sprint, Anderson said.
BlackBerry offers an MDM-like “Secure Work Space” for Apple iOS, Android and BlackBerry devices, at a “very attractive” estimated price, Anderson said.
And “this summer we are going to test BlackBerry Enterprise Service 10.2 and Secure Work Space technology to see if that approach meets our security requirements for leveraging personally owned devices,” he said. “We are also going to test DISA’s MDM solution.”
Other intriguing technologies include a “Virtual Mobile Infrastructure, where a commercial mobile device secure application interacts with data via a virtual phone running in our data center,” Anderson said. “We also want to test mobility application management services where secure, device-aware applications gain access to USMC.mil data via commercial mobile devices,” he said.
“The point of all this testing is to identify the best mobile way forward for the Marine Corps information technology environment used by our garrison and forward deployed forces.
“We know that government furnished commercial mobile devices are going to be used in a tactical environment. It would be a tremendous benefit to the Marine Corps if the same technology we use in garrison can be used by our operational forces ashore and afloat,” Anderson said.
This story was updated to clarify Verizon's pricing for commercial customers.
By William Matthews
June 3, 2014