VA Bringing Tablets, New Security Challenges to the Federal Enterprise
When the U.S. Department of Veterans Affairs recently announced it would become the first Federal agency to add tablet computers to its official technology procurement list, I’ll bet there were some mixed reactions in the room: Mostly cheers from the end-users, and perhaps a few groans from the information security team.
After all, tablet computing—like all mobile technology—has the potential to supercharge government efficiency. But with increased mobile access to sensitive government information comes an urgent need for new precautions and additional security measures.
The central issue involved is that the proliferation of mobile devices in the Federal enterprise places a growing security burden on the government’s ever-expanding and invisible “network edge.” In other words, while traditional security models like firewalls assume stationary computing, new models must accommodate infinite connection points as more data in motion—including highly sensitive personally identifiable information (PII)—travels away from a centralized security point.
Adding to the challenge is a lack of Federal Information Processing Standards (FIPS) for newer mobile devices, which leaves too many government security professionals scrambling to fill the gaps with ad hoc policies and little agency-to-agency coordination.
As other government agencies consider similar efforts, it’s important to keep security in mind in advance of rolling out mobile projects. An example might be to conduct mobile security assessments to evaluate where the security ‘pain points’ might be on a network before devices are adopted agency-wide . It would behoove agencies to take this precaution ahead of time. If not, whatever money they thought they were going to save by rolling out a more mobile work force will be lost on the back end with security incidents that could have been prevented with the right planning.
Together, the public sector and the private sector can create a safe, efficient environment for Federal tablet computers and other mobile devices. Rest assured, the Department of Veterans Affairs won’t be the only agency to make the move to tablets. So government needs to get ahead of the curve—and be ready to secure its sensitive data no matter where it travels.