Smart phones shape connectivity strategies, security programs

As handheld computers become more powerful and more common, they’re changing the way IT managers look at both connectivity and security. Smart phones, tablets and other compact systems can access networks from any location, making it much more difficult to limit access to networks.

The changes wrought by the emergence of these mobile devices was touched on by many speakers during the 2011 Department of Defense Intelligence Information Systems conference in Detroit. Many government agencies and private corporations once tried to prevent people from accessing secure networks using these systems, but most now realize that this is a losing battle.

“In today’s social media environment, people expect to have the similar tools and capabilities at home or when they’re on our network,” said Grant Schneider, CIO for the Defense Intelligence Agency.

Geoffrey Fowler, director and managing editor of the Worldwide Intelligence Review for the Central Intelligence Agency, expanded on that challenge. “If customers want to use these systems, they will find a way to use them. That’s why we need to make data available on all types of technology,” he said.

Including these devices poses myriad challenges for managers charged with protecting data. Matthew McCormack, the Defense Intelligence Agency's chief of cybersecurity, noted that while desktop and laptop users understand the need for security software such as antivirus programs, very few people use any type of protective programs on tablets or smart phones. If these devices hold malware, it can enter the network when they log in, he added.

That’s prompting management teams to devise new ways to protect data. Instead of preventing intruders from entering the network, they are now focusing on data protection. One technique is to limit the people who can access certain types of data.

“We’re moving to a concept where devices know who you are and what you need,” said Kelly A. Miller, Deputy CIO for the National Security Agency/Central Security Service. “We’re starting to protect data. In that model, you start losing classified protection boundaries and you start protecting data. That lets us move to a more mobile environment.”

Speakers noted that all these changes are necessary because decision makers want access to information whenever they have time to get it. They often do their analysis while they’re outside traditional offices or away from their home networks.

“Decisions are not always made when people are using their desktop PCs,” Fowler said.