A soldier checks battlefield locations on a combat smartphone during a Network Integration Evaluation at White Sands Missile Range, N.M. (Army)
The Defense Department plans to equip its 600,000 mobile-device users with secure classified and protected unclassified capabilities while encouraging the use of centrally managed mobile applications through a “storefront” similar to Apple’s App Store.
“We are building a secure 4G wireless network that will get iPads, iPhones and Android devices online by mid-2014,” said Army Gen. Martin Dempsey, chairman of the Joint Chiefs of Staff, in a June 27 speech at the Brookings Institution. “With tools like this, the smartphone generation joining our military will help us pioneer a new era of mobile command and control.”
Toward that end, the Defense Information Systems Agency in June awarded a firm-fixed-price contract worth nearly $16 million to Digital Management Inc. of Bethesda, Md., to provide a DoD-wide Mobile Device Management system and Mobile Application Store.
“We currently manage more than 500,000 devices for hundreds of commercial and federal clients, and we’re looking forward to delivering secure, seamless MDM-MAS services to the entire DoD mobile enterprise,” said Jay Sunny Bajaj, DMI’s founder and CEO.
MDM is envisioned as a “traffic cop” capability that enforces the policies, security and permissions that define which functions the user is allowed to perform on a mobile device. For its part, the objective of the enterprise MAS is to optimize the functionality and distribution of mobile apps to DoD mobile devices while minimizing replication, cost and downtime.
The MAS, operating in conjunction with the MDM, will serve as an over-the-air electronic software distribution system, obtaining user application permission rights from the MDM. In addition, the MDM is designed to secure, monitor, manage and support accredited mobile devices across a range of DoD environments, allowing for malware detection and policy control of the devices. The MDM also supports remote data-wipe capabilities and remote device configuration management.
“As end user dependence on mobile devices rises, enterprise management implemented via an MDM becomes necessary to ensure secure mobile device operation and maintenance in a cost-efficient manner,” states DoD’s Commercial Mobile Device Implementation Plan released in February. “Mobile applications are a critical enabler for service delivery and will permit new opportunities to improve mission effectiveness.”
WRITE AND SHARE APPS
The MAS depends upon the MDM for identification of new, removed or changed mobile devices. Moreover, certification and accreditation of mobile applications will use a distributed process to facilitate entry into an enterprisewide DoD storefront.
“To help unleash the potential for user-driven innovation, a federated app store will allow any DoD user to write and share phone and tablet apps,” Dempsey said. However, DoD’s Commercial Mobile Device Implementation Plan states that “until the development of multilevel security is a viable construct,” separate MDM systems in the classified and unclassified DoD information domains will be implemented. An enterprise-level capability for unclassified information processing will be accomplished by an MDM system, with an enterprise MAS that will deliver, update and delete applications on mobile devices without the user having to return the device for service.
DISA will implement the MDM and MAS in three phases. Phase 1 includes the purchase of 1,500 devices. Phase 2 will provide the capability to manage as many as 5,000 devices. Phase 3 is an operational capability that will be offered as a subscription-based service to support 100,000 devices.
While bring-your-own-device is a trend in the commercial world, for now, DoD is taking a wait-and-see approach to this model, which allows personally owned mobile devices to be used for enterprise business purposes. DoD policies prohibit the use of devices procured outside of government-sanctioned acquisition.