DoD releases comprehensive mobile strategy
The Defense Department June 15 unveiled (.pdf) a mobile strategy document addressing the reliability, security and flexibility of the wireless infrastructure, mobile devices and mobile applications being used at the department. An implementation plan will follow the strategy, as well as a "communications plan to address the cultural challenges associated with mobile device deployment," says the document.
"This strategy will allow mobile activities across the department to converge towards a common vision and approach," said Teri Takai, DoD chief information officer in a statement.
The strategy aims to carve out a common approach to managing the more than 250,000 commercial mobile devices in use at the DoD running on various operating systems, and align pilots and initiatives under common objectives, says the DoD statement.
Advancing DoD's Information Enterprise Infrastructure
According to the strategy document, DoD needs to improve its spectrum management, which includes business processes and spectrum capabilities, to accommodate its growing mobile needs despite "DoD's continued reductions in spectrum allocation." It also plans to partner with the academic community to research ways to maximize available spectrum.
DoD's enterprise infrastructure must support unclassified and classified high-bandwidth traffic while expanding its wireless network and leveraging industry infrastructure, emerging technologies and commercial-off-the-shelf products, says the strategy.
The document stresses the need to build out wireless infrastructure in a way that complies with emerging standards, so as to ensure maximum interoperability and continuous connectivity in the future. It also says the DoD should participate more in wireless standards bodies to shape future standards.
"For tactical mobile device usage, DoD must mitigate the bandwidth limitations associated with current secured tactical communication methods," says the strategy.
The strategy also says the DoD will develop a wireless security architecture to address network vulnerabilities posed by commercial networks and short-range networks like Bluetooth technology. This will also apply DoD public key infrastructure security, access and identification controls to wireless networks, devices and applications.
Setting mobile device policies and standards
Because of components' "unconstrained piloting" of mobile devices, device deployment at the DoD lacks security and interoperability, says the document. The DoD plans to develop standards to rapidly and securely adopt mobile devices through a streamlined approval process, it adds.
"DoD must continue to explore the efficiencies associated with the use of personally-owned mobile devices and potential security risks posed by such devices," says the strategy. The department should also "define acceptable uses of personally-owned mobile devices and acceptable personal use of DoD-owned devices where applicable."
According to the strategy, DoD plans to establish a federated mobile device management service based on enterprise and user requirements. The DoD's MDM service will incorporate continuous monitoring technologies, says the document.
Better security will also come from better training, which will be integrated into existing workforce education programs, says the strategy. The DoD also plans to develop programs that test end-user compliance with "user-based enforcement requirements," says the document.
Developing DoD mobile and web-enabled applications
The DoD believes better mobile apps can deliver a secure and simple function to the warfighter or support personnel, says the strategy document. In order to encourage mobile app development DoD plans to stand up a common mobile application development framework with "developer tools, documentation and automated processes to help build and test mobile apps."
The framework will provide agencies with practical guidance on app development, says the strategy. It will also leverage commercial capabilities and promote interoperability, it adds. The department also plans to create a mobile application certification to validate the app's security and compatibility.
The strategy says the DoD will launch a federated, centralized hosting environment where DoD-approved apps can be re-used by a broader audience. This will also improve app tracking for better lifecycle management, says the document.
Apps may not always be the mobile delivery mechanism of choice; the strategy says mobile-friendly web interfaces are also important. DoD's IT systems, applications and services should be architected now with future mobility needs in mind, rather than "'retrofitting' capabilities downstream," says the document. When components develop new IT capabilities they should also consider mobile display, user interface elements, mobile sensor technology and spectrum requirements, which could enhance the system's use via a mobile device.
As DoD looks ahead to strategy implementation, it plans to consider how each goal applies to three types of users: enterprise-wide users, executive users and tactical support. Complimentary initiatives will also play a role in strategy implementation, specifically identity and access management, and cloud computing, says the strategy document.
Agency app development could be 'a little bit painful,' says Baker
Digital strategy will clarify mobile security options, says Holgate
No BYOD, CAC in the tactical environment, says Army official