While a top priority for most organizations today, the threat posed by mobile data security breaches holds more severe consequences for some industries than others. Right at the top of that mountain you’ll find the defense agencies and military infrastructure that are responsible for our national security. When it comes to national defense, any security slip up or exploited gap can end in casualties and jeopardize the safety of both military staff and the citizens they are trying to protect.
Cybersecurity attacks have been a part of geopolitical warfare for decades, but as these threats have extended to mobile devices, they have surpassed the security capabilities of commercial technologies and pose unique challenges for military communications and command and control (C2) operations.
Today’s defense personnel must have the capabilities to collaborate with their colleagues and share highly sensitive, often mission-critical intel from wherever they are, be it in the field or in the control room. Allowing such sensitive data to be accessed on mobile devices and applications heightens both the risks and the challenges, and requires tailored solutions for both enterprise hardware and software. Therefore the entire approach is incomparable to any mobility project in the private sector.
One Device That Can Do it All
To give defense personnel the best tools available they need a device possessing these qualities and functions:
Rugged: Rugged mobile devices that can operate in harsh environments are the standard for soldiers in the field. They allow soldiers to navigate terrain with a much more comfortable device, and hopefully let the military phase out the brick-sized radios and paper maps which have long been the norm. They are also built to prevent physical intrusion and for device memory to be acquired if the phone were to be taken apart.
Customized OS: The U.S. Department of Defense (DoD) still utilizes hardware from consumer manufacturers such as Samsung, but these are modified rugged versions. The Android OS for its versatility, but it is then hardened to allow for additional layers of security.
PTT Voice & Messaging: For starters, these devices must be able to provide staff with reliable basic features like voice and messaging. A must-have function required by many military and law enforcement clients is Push-To-Talk (PTT) communication, which allows one person to connect to single users or active talk groups almost instantly with a single button press and ensure that time-sensitive information is communicated without delay. Similarly instant messaging must be carried out with the same speed and reliability, and with multi-user chat capability as many situations render calling impractical.
VoIP Network: Defense agencies are able to use the data from commercial carriers, but wireless communications over public radio and telephone lines can be intercepted too easily, which is why the DoD uses their own encrypted VoIP network.
Military App Deployment & Security Challenges
In addition to standard apps for email, calendar and contacts, specialized apps must be provided to various military, law enforcement and even rescue operations staff to help them fulfill mission objectives. These include mapping apps to navigate the battlefield according to plan, as well as command and control programs. Securing the apps and data on these devices is of paramount importance. If data is breached or intercepted while in transit the enemy could discover your whereabouts and track your movements, compromising the battle and inflicting casualties. This is where the greatest challenge could lie as far as classified mobility is concerned. A more resilient OS still cannot prevent cached history from leaving a digital footprint on the device. And with governments engaging in cyber warfare and potentially catastrophic cyber terrorism the new reality, even the most resilient device security and encryption available can be cracked. In an environment where the stakes could not be higher, a unique approach to app deployment is a necessity.
The Emerging Solution: Virtualized Mobile Apps
Virtual Mobile Infrastructure (VMI) may be a relatively recent trend in the private sector, but it has been recognized by defense agencies as a higher level of security for quite a while and the reasons why are pretty clear: zero data on devices. Under VMI mobile apps running in the data center are deployed onto devices as a display using a thin client app. The user works with the apps the same way they would with a native mobile app stored on the device, but they are kept behind the military’s firewall where they are best secured.
Being able to manage and distribute apps from a secured data center means there is no critical data which can be compromised from devices regardless of whether they are lost or stolen. The device leaves nothing for hackers, no matter how sophisticated, to retrieve. This removes the need to allocate significant IT resources towards managing device security.
This elevated security removes the need for defense agencies to invest in making every conceivable app military-grade. In addition to custom apps created in-house, they can now provide access to popular COTS apps that are already effective for inter-staff communication.
Look for VMI to become the standard for secure mobility in the defense arena going forward.