While the IC’s research organization looks into adding security to cloud environments, in the here and now, intelligence agencies are sharing more data.
Imagine a federal worker returns from vacation and realizes she’s left her mobile device behind in the Caribbean. Because the phone is covered under the agency’s mobile device management system, the IT department can quickly erase its data, ensuring that sensitive government documents don’t fall into the wrong hands.
Problem solved, right? Not entirely. Although the worker uses her phone for work, she also uses it in her personal life. Right alongside any agency files are pictures of her daughter’s dance recital, a video of her son’s first steps, logs from all the running workouts she’s completed and the phone numbers of several hundred friends and family members. If the work and personal data are all mixed together, then all of the personal information will be wiped away too.
Robert Anderson, chief of the Vision and Strategy Division for Headquarters Marine Corps/C4
Photo Credit: Cameron Davidson
This is part of the reason a number of federal agencies are exploring “dual-persona” technologies, which split a mobile device into two separate user environments for work and personal applications. Such a split personality can be achieved through mobile virtualization, in which a hypervisor divides the device into two operating systems — an approach used by VMware Horizon Mobile for Android smartphones.
Alternatively, employees can download and install a mobile client that creates a work-only “container” that remains separate from the rest of the data and applications on a device. AT&T’s Toggle, for example, uses this technology. And some phones, such as Samsung’s KNOX, have the ability to split into multiple personas built right into their operating systems.
Robert Anderson, chief of the Vision and Strategy Division for Headquarters Marine Corps/C4, shies away from even using the term “bring your own device,” instead opting for the somewhat more cumbersome phrase “personally owned, corporate-enabled environment” to describe a scenario in which employees complete work tasks on their personal phones.
The BYOD moniker simply carries too many negative security connotations within the Department of Defense. “That’s the key issue — the security of the data,” Anderson says.
But Anderson understands that the government can’t afford to turn away from personally owned devices as a way to boost productivity and save money. “Within the Department of Defense, people aren’t really focused on this personally owned, corporate-enabled environment, because they have a model with government-issued equipment that works,” says Anderson. “But when you look at fiscal year 2016 and the operations and maintenance budget, those baseline dollars are going to decrease. If we continue to look at this problem in the same fashion, then we are not trying to achieve IT efficiencies within the mobility space.”
Anderson is looking toward dual-persona technologies as a way to allow those personal devices onto the DOD’s network without jeopardizing security. “We have got to figure out a way to save money, and I think that a personally owned device that has an organizational container on it — where the data is secured — I believe that’s the right way forward to enabling a personally owned environment.”
Andrew Regenscheid, lead for hardware-rooted security in the Computer Security Division at the National Institute of Standards and Technology, says that security concerns have caused most agencies to be slow in adopting BYOD programs. Securing data on personal mobile devices presents a whole different set of concerns from previous approaches to securing data on government-owned notebooks and desktops, he says.
“We [previously] protected the machine, and through protecting the machine, we protected the data,” Regenscheid says. “One of the challenges of BYOD is, how do you protect this data without exerting too much control over the device, because these are personal devices. Users have some expectations about what they should be able to do with their own device.”
Anderson notes that if a person lost his or her dual-persona device, the Marines could remotely wipe away the person’s work data while leaving the personal data intact. He also says that using a personal device for work would be completely optional, because the employee is the one paying the monthly data bill.
“If we give an active duty Marine a government-furnished device, then he’s expected to be tethered to that device,” says Anderson. “If that Marine was doing it voluntarily, then we would not expect him to be tethered to it.”
John Sprague, enterprise applications service executive at NASA, says the agency is looking at dual-persona technologies as a way to foster a BYOD program within the agency. Sprague says he likes the idea of being able to keep government data secure without having to tamper with personal data if a device becomes compromised.
“That’s been a worry for anybody, probably in any agency,” Sprague says. “Who in the world would want to lose their pictures from their personal phone?”
The Marines are conducting penetration testing with several different dual-persona solutions. When those tests finish, the organization will move to a beta testing period, during which 20 users will be equipped with a mix of different dual-persona solutions. Depending on the results of the beta test, the Marines plan to then try out a 500-person BYOD pilot program.
First, though, Anderson says the Marines need to work with vendors to make sure that if hackers jailbreak or root a phone, they won’t be able to access the certificate that allows the device onto the Department of Defense’s network.
Rob Smith, a research director in the Mobile and Client Computing Group at Gartner, predicts that more device makers will follow the example of Samsung and BlackBerry and build hardware-based rooting and jailbreaking detection into the phones. These hardware-based solutions destroy corporate data automatically if a device is tampered with.
“It’s the single biggest concern that anyone has,” Smith says. “If I have jailbroken or rooted a device, I can do anything I want to it. So it’s the biggest thing people are afraid of.” He acknowledges that current container solutions perform jailbreak detection, “but because it’s software-based, it’s not perfect.”
The Air Force is using dual-persona technologies, not to enable a BYOD program, but to give workers the ability to perform personal tasks on their work-issued devices.
“From our users’ perspectives, they didn’t want to carry around multiple devices,” says Bill Marion, Air Force Space Command chief technology officer. Devices with multiple personas, he says, allow users to interact with applications such as mapping software and fitness apps when they’re away from the Air Force’s network, while their work data is stored safely in a dedicated container.
Marion allows for the possibility that the Air Force may adopt a BYOD policy in the future, but says that supporting personal applications on agency-issued phones through dual-persona technology has reduced the number of inquiries he receives from airmen about the possibility of such a program.
“I think for right now we’re delivering 98 percent of what the users want,” Marion says.