| By JP Morgenthal | Article Rating: |
|
| January 20, 2012 10:30 AM EST | Reads: |
1,692 |
In recent discussions with IT leaders from both federal and Department of Defense sides of US government, representatives stated that they are having a heck of a time accommodating expansive growth in mobile computing. This is critical given that today, in most cases, agencies and departments still have control over which mobile devices can be used. In the future, these executives realize that the changing demographics of contractors and employees means they will not only need to support continually growing traffic, multiple presentations and increased asset management, but will also have to deal with a wide spectrum of mobile devices due to Bring Your Own Device (BYOD).
This idea that these executives will one day soon have to loosen their grip over endpoints is a major concern. Contrary to belief it is not about power and supremacy over their domain. Most users have no concept of the level of complexity for managing access and availability of data and applications when there is no control over the endpoint; nor should they. While network security solutions have improved dramatically over the past decade, improper use of the tools and ever increasing abilities of hackers means that “locking the front door” isn’t good enough to solve this problem by itself.

One of the keys to solving this issue in a way that doesn’t alienate users, but also ensures confidentiality and security of government data is going to be segmentation. Segmentation is the act of distributing the data across multiple tiers from unclassified to compartmentalized and providing greater levels of restrictions on access at each layer. For example, unclassified information should be hosted in the public cloud with no permanent connections back to any data center housing higher classified documents. For Official Use Only (FOUO), Confidential, and Secret data should require minimum Virtual Private Network (VPN) connections for access. This means that the mobile devices must support the VPN protocols in use in order to establish a connection. Finally, Top Secret and above information should require on-premise wireless or wired support only combined with two-factor authentication, VPN and the ability to remove any data downloaded to the mobile device when the VPN connection is broken.
However, the biggest issue for government is going to be segmenting data that is either improperly classified or comprised of various levels of classifications. I was once part of a project where the requirements documents were improperly labeled FOUO, which raised many problems sharing them with foreign counterparts even though the project was developing a collaboration portal to work with foreign government officials through what was going to be a publicly hosted application. This is just one small instance of tens of millions within the government. Moreover, it seems more recent projects have seen serious disagreement among government IT employees and contractors as to what are the appropriate classification levels for certain pieces of data. In one of these cases a very junior security professional within the government was demanding aggregated publicly available information could not exist in a publicly hosted cloud.
I don’t relish these government IT executives position with regard to the growing mobile demand. BYOD is going to amplify this problem exponentially.
Read the original blog entry...
Published January 20, 2012 Reads 1,692
Copyright © 2012 SYS-CON Media, Inc. — All Rights Reserved.
Syndicated stories and blog feeds, all rights reserved by the author.
More Stories By JP Morgenthal
JP Morgenthal is one of the world's foremost experts in IT strategy and cloud computing. He has over twenty-five years of expertise applying technology solutions to complex business problems. JP has strong business acumen complemented by technical depth and breadth. He is a respected author on topics of integration, software development and cloud computing and is a contributor on the forthcoming "Cloud Computing:Assessing the Risks" as well as is the Lead Cloud Computing editor for InfoQ.
- Big Data in Telecom: The Need for Analytics
- Write Once Run Anywhere or Cross Platform Mobile Development Tools
- Cross-Platform Mobile Website Development – a Tool Comparison
- iPad 3 Next Month: AllThingsDigital
- Cross-Platform Mobile Visual Development – a Tool Comparison
- Mobile Cloud Computing Industry Outlook Report: 2011-2016
- HP Commits to webOS Release Schedule
- Why Poor Data Classification in Government Will Impact BYOD
- Google Loses Appeal to Suppress Evidence in Java Suit
- IBM Buys Worklight
- Google Cultivates a Rep as Patent Gouger
- Apple Quietly Appeals ITC’s HTC Decision
- Big Data in Telecom: The Need for Analytics
- Amazon to Fix Some Kindle Fire Problems
- Write Once Run Anywhere or Cross Platform Mobile Development Tools
- Cross-Platform Mobile Website Development – a Tool Comparison
- Apple Gets HTC Android Phones Banned in US
- Top Five Mobile Challenges for CIOs in 2012
- Schmidt Hints Google’s Own Tablet Coming
- RIM Has a Bad Case of Yahoo-itis
- BYOD, Meet Two-Factor Authentication
- Apple’s German Galaxy Tab Ban Looking Doomed
- Intel Reorgs Search for Mobile Holy Grail
- 2012 the Year of the Tablet and Mobile Developer
- Where Are RIA Technologies Headed in 2008?
- i-Technology Viewpoint: Should RIM BlackBerries Be Rented?
- Has the Technology Bounceback Begun?
- Trump's Apprentice Runner-Up Rebecca Jarvis Has $150,000 Job Offer From SYS-CON Media
- "Mobile Web 2.0" – How Web 2.0 Impacts Mobility & Digital Convergence
- Microsoft and Sprint Collaborate on Mobile Search
- Ringback Tones
- Mobile Music Gets Boost From New W600 "Walkman Phone"
- The Top 250 Players in the Cloud Computing Ecosystem
- i-Technology Blog: Zero-Cost Telephony, the 6-Ton Elephant in the Telco Room
- Java Edition of Windows Live Messenger for Mobile Launched
- Alcatel + Microsoft = Internet TV Over IP, a.k.a. "IPTV," Coming Soon To a PC or TV Near You























