The Defense Department may not be sold on Android and iOS security. Within months after clearing the mobile platforms for military use, the Pentagon has told employees to put down their beloved iPhones, iPads and Android gadgets and go back to using an older model BlackBerry.
The official reason for the sudden change is to give the Defense Information Systems Agency time to install a new $16 million mobile device management system. The security vendors that signed the MDM contract in June were DMI, Fixmo and MobileIron.
But some defense contractors have said that they suspect the consumer-oriented devices may not meet battlefield security standards.
"There may be a more fundamental issue of device suitability among the major manufacturers and OS versions," Ray Bjorklund, president of BirchGrove Consulting and a longtime procurement specialist, told Nextgov.
Adding to the confusion are DISA documents that say only BlackBerry phones and Playbook tablets have an "authority to operate" on Defense Department networks, Nextgov says. That would seem to cut out the use of Android or Apple devices.
In May, the Defense Department approved the iPhone and iPad for use on its networks. A week before, the same security clearances were issued to BlackBerry and Samsung Galaxy smartphones and tablets.
Fast forward to today and all devices but the BlackBerry 9930 are out at least until March 2014. The Pentagon still trusts the older BlackBerry, which will be managed through the Defense Department's existing BlackBerry Enterprise Server.
The new orders have led to grumbling among some Army employees who had to give up their iPhone, iPads and Android devices. Until the plug was pulled, the tablets and smartphones were secured through a Good Mobile Messaging service, according to Nextgov.
Officially, the Defense Department plans to have 100,000 military personnel on government-issed Apple, Samsung, Blackberry and other consumer devices by September 2014. But whether the Pentagon is serious about letting employees choose their own device remains to be seen.
A lot can happen over the next nine months, and so far, only the BlackBerry has proven to be battlefield ready.
The Pentagon is not the only organization struggling with mobile security. A survey of 576 IT professionals found that the majority doubted the effectiveness of the controls their organizations had in place for securing employee-owned devices.
The study sponsored by TCG and the SANS Internet Storm Center found that 48 percent of the respondents said user education and awareness were the only controls in place to secure devices. More than one in five said there were no controls.
Mobile security is obviously a work-in-progress in these organizations.