Federal Mobility Initiatives Bring New Opportunities
As smartphones and tablets reach a point of near-ubiquity in the corporate world, the Federal government appears to be slower in its adoption of a mobile infrastructure. Though constrained by regulations not designed for a mobile infrastructure, the government is pushing forward plans to integrate mobile devices into its complex IT and regulatory infrastructure. Defense and civilian agencies are launching pilot programs and developing standards to address their unique requirements, creating opportunities for contractors that can address the emerging technological needs associated with secure mobile access to government networks.
The National Institute of Standards and Technology (“NIST”) is close to releasing Special Publication 800-157, Guidelines for Personal Identity Verification Derived Credentials, addressing authentication technologies for mobile devices, which has been among the biggest obstacles to mobile adoption. While this publication brings government agencies closer to implementing a comprehensive mobile infrastructure, adoption will face further challenges, and likely require additional technological development.
For example, the NSA, which is responsible for ensuring the security of classified-level IT systems for the entire government, noted that certain commercially-available technologies are not sufficiently developed, especially with regard to mobile device management (“MDM”) capabilities. The NSA highlights its need for dynamic policy management solutions that can be enterprise-controlled, but react to device types, user locations, and other parameters. In its July 2013 Mobility Capability Package, the NSA focused on integration of commercially available products and solutions to create a secure mobile infrastructure. However, the agency has not been able to identify a suitable commercially available off-the-shelf (“COTS”) solution, and may need to rely on custom-developed technologies to fulfill certain requirements such as MDM, creating further opportunities for well-positioned developers.
Another question likely on the minds of government employees is the likelihood of being able to use personal devices in the workplace. So far, implementation of mobile device policies and frameworks has been predominantly focused on government-furnished devices that do not support personal use and in some cases non-emergency phone calls. The next step may be to accommodate a true bring-your-own-device infrastructure, allowing for government employees to use their personal phones and tablets to securely access government networks. While certain COTS technologies may be incorporated, securing access to Federal agencies brings a new set of technological requirements, which may have to be addressed through government development programs.
The emerging opportunities to address Federal mobile security needs may drive demand by government contractors to develop or acquire mobile security, identity management, and device management capabilities as they reposition to address the requirements of an increasingly mobile workforce.