While the IC’s research organization looks into adding security to cloud environments, in the here and now, intelligence agencies are sharing more data.
Roughly 73 percent of Americans own a smartphone, according to the research firm comScore. Many are federal employees, which is one reason why government agencies are increasingly extending their unified communications platforms to smartphones and other mobile devices.
UC is a catchall term for a wide variety of communications services that can be accessed across multiple devices. Those services typically include voice, email, instant messaging (IM) and presence, and even access to documents in the cloud. As cellular speeds increase, mobile UC also is expanding into bandwidth-intensive services such as video calling and conferencing.
“Through the Defense Information Systems Agency’s Mobile Unclassified Capability, every mobile device for Army users has video teleconferencing and chat enabled,” says Cheryl Hynes, enterprise services domain lead in the Office of the Army CIO. “Currently, because DISA, Army and the Air Force are in the exploratory phases of a unified capability service, DISA is leveraging legacy capabilities such as Adobe Connect, DOD Connect Online chat capability and Jabber.”
In addition, Army users also can access commercial offerings from Google Apps for government and Google Hangouts, the latter of which is used by the Army Recruiting Command.
Some government agencies now also have bring-your-own-device (BYOD) policies, where employees are allowed or even given incentives to use their personal smartphones and tablets in the workplace.
BYOD programs can enable wider, less expensive mobile UC rollouts than if an agency had to buy all the gear.
“In most cases, it doesn’t make sense to buy a separate device for work,” says Travis Howerton, deputy director of the IT Services Division at Oak Ridge National Laboratory, which has a BYOD policy. “Employees don’t want to carry two.”
Like their private-sector counterparts, agencies get several benefits from mobile UC. Productivity, for one, increases because employees can get more done when they can work in the field rather than just in the office. Another bonus is greater responsiveness; for instance, eliminating “phone tag” because colleagues can use presence to see who’s available or whether an IM might be the best way to contact them.
“The benefits of providing UC to a mobile device is that now the user can work from anywhere, globally, when a connection is available,” Hynes says. “Typically, UC reduces the number of devices a user requires to get the job done. This applies also when providing UC capability to mobile users.”
Other potential benefits are more nebulous. Some employees, for example, might spend most of their workday away from their desks. In those cases, UC software on a tablet or notebook might eliminate the need for, and expense of, deskbound devices such as wireline phones, computers, monitors and video conferencing endpoints.
BYOD does bring additional security considerations, Howerton says. At Oak Ridge, the lab’s systems team has established separate platforms and policies for managing employee-owned and government-issued devices. Personal devices are more lightly managed when it comes to the applications the lab can block, along with the ability to remotely erase phones or tablets that are lost or stolen. The light-handed approach encourages employees to use personal devices because they don’t have to worry about the lab accidently deleting personal apps and files.
“A completely separate infrastructure keeps that from happening,” Howerton says. Virtualization is another way to ensure security, regardless of whether mobile devices are supplied by em-ploees or by the agency. By housing data and applications on agency servers, a virtual desktop environment essentially streams the document for viewing and editing, instead of providing a copy that’s downloaded to the notebook, smartphone or tablet.
“Everything is done virtually, so when they disconnect, there’s no data left behind, and there’s no risk of loss if their device is compromised,” says DJ Kachman, director for mobile and security technologies at the VA, which uses virtualization.
Virtualization can be a way to meet tight security requirements and thus enable more employees to use mobile UC. Another option is containerization, where apps get a digital wrapper that gives the organization more control over functions such as authentication, encryption and remote erasure. Oak Ridge uses both virtualization and containerization.
When choosing technologies to secure mobile UC, it’s important to ensure that they’re user-friendly. If employees find the security gauntlet overly complex or annoying, they’ll look for easier alternatives, such as using their workstation to save files to their personal Dropbox, or forwarding files to their home email account.
“If people say that’s not happening, they’re probably lying,” Howerton says. “If you make the right thing the easy thing, there’s a big security win.”