Balancing Security and Capability Remains Challenge for Mobile Adoption

Published: September 25, 2013

USAFCybersecurityDigital GovernmentDOJMobilityTeleworkWireless

The Mobile Work Exchange held its fall 2013 town hall meeting on September 12, 2013. The conference explored strategies for deploying a more mobile workforce, offering insight from over 20 speakers from both government and industry leadership.

In his opening address, the Bureau of Alcohol, Tobacco, Firearms, and Explosives’ Rick Holgate noted shifts in technology adoption over the last five to ten years. Holgate, the Assistant Director for Science & Technology and Chief Information Officer, cited findings from two surveys saying, “One thing I think we would all agree on is that the federal workforce is extremely optimistic about the productivity that mobility represents and the potential productivity gains.” Indeed, the impact of mobility spans various areas like productivity, transportation, and real estate. Potential savings estimates range from $12 to $14 billion per year in efficiencies. These untapped areas for efficiency mainly fall into two areas in areas related to increasing workforce productivity and consolidating real estate.
 
Along with increased mobile capabilities over the past 5 to 10 years, the work environment has evolved. These advances in mobility have introduced new challenges, particularly related to security and privacy. Referencing the Mobile Security Framework, Holgate applauded “agencies that have somewhat different security perspectives and baselines and ways of thinking about security” collaborating to establish a government-wide baseline for mobile security. Traditionally, guidance documents from the National Institute for Standards and Technology (NIST) have identified security controls but left it up to individual agencies to determine how to apply them. This baseline guidance allows agencies to make progress with mobile adoption efforts, particularly around shared mobile device management solutions.
 
The theme of security challenges continued throughout the day. In his luncheon keynote, the Air Force’s Major Linus Barloon described various issues he’s encountered related to information security. Challenges persist around identifying ways to improve prevention of security incidents, spill containment, and re-establishing security. Current technology has evolved to where previous approaches, like wiping machines and reintroducing them to computing environments, are no longer considered as effective.
 
Based on his experience, Barloon suggested that getting devices in the hands of users is only a quarter of the problem around mobility. Noting the numerous contract vehicles and acquisition mechanisms, Barloon observed, “It’s very easy to get that device into your users’ hands.” Once that’s achieved, however, questions arise about governance, extending to legal, ethical, and acceptable uses for devices. With the shift to mobile environments, issues emerge around translating and applying risk management frameworks to mobile devices, determining how to apply risk principles to these devices, and also defining how these devices will factor into continuous monitoring. It’s a balancing act, as Barloon described it. One the one hand, agencies aim to limit risk. On the other, they’re looking to increase operational capability.
 
In his closing, Holgate suggested the development of the next generation for the Digital Government Strategy is likely to assess agencies in terms of maturity of mobile adoption. This next step would also look to determine how to bring lagging organizations up to speed. Another area for development, Holgate noted, is in establishing metrics for program impact, especially in areas like workforce productivity and quality of citizen services.
 
The next Mobile Work Exchange session is scheduled for April 10, 2014. More information is available through the event site.