DoD Outlines Mobile Device StrategyFew Specifics Offered on How Best to Secure Mobile Devices
A new mobile device strategy for the United States Defense Department addresses the need to secure the use of mobile devices for the military but provides few specifics on how to furnish security, at least not in the non-classified version the DoD made public this month.
"Although mobile devices are the new and popular item in today's commercial market, this strategy is not simply about embracing the newest technology; it is about keeping the DoD workforce relevant in an era when information and cyberspace play a critical role in mission success," DoD Chief Information Officer Teresa Takai writes in the forward to the strategy.
The strategy consists of three goals:
- Advance and evolve the DoD information enterprise infrastructure to support mobile devices: Improves wireless infrastructure to support the secure access and sharing of information via voice, video or data by mobile devices.
- Institute mobile device policies and standards: Establishes policies, processes and standards to support secure mobile device usage, device-to-device interoperability and consistent device lifecycle management.
- Promote the development and use of DoD mobile and web-enabled applications: Provides the processes and tools to enable consistent development, testing and distribution of DoD-approved mobile applications for faster deployment to the user as well as establishes policy, processes and mechanisms for appropriately web-enabling critical DoD IT systems and functions for mobile devices.
One objective of the strategy is to establish a mobile device security architecture to assure the security of connections between DoD networks and commercial networks. Such an architecture must employ DoD public key infrastructure security, access and identification controls at the network, device and application levels, the strategy states.
Another strategy objective is to educate and train mobile device users. "The use of mobile devices requires a new level of trust with the end user," the strategy states. "DoD personnel, accustomed to using mobile devices in the personal lives must be aware of the differences when employing the device for DoD mission purposes. ... To ensure an understanding of why security settings are important, DoD must broadly integrate mobile device training into existing workforce education and training programs where applicable."