Many media outlets are reporting that the US Department of Defense (DOD) has finally approved the use of Apple devices on its network. I see plenty of comments like, “Great, prepare for malware to spread in our country’s military networks because some government worker decided to download the wrong game” or some nonsense.
Yeah, BYOD, or Bring Your Own Device, introduces risks. That’s why you need to have the appropriate infrastructure to support BYOD, including the use of MDM (mobile device management) solutions for smartphones and tablets like AlertBoot Mobile Security.
It also helps if your BYOD project is not actually a BYOD project.
Apple Devices are STIG-tastic
Defense.gov reports that:
The release of the Apple iOS 6 STIG is a major stride in building a multivendor environment, supporting a diverse selection of devices and operating systems, DISA officials said. This STIG and the recently approved STIGs for the BlackBerry and Samsung Knox operating systems demonstrate DISA’s commitment to validate a range of devices that meet DOD security standards so the best technology is available to achieve mission requirements, they added.
The STIG, or Security Technical Implementation Guide, is documentation designed to standardize security in the installation and maintenance of computer hardware and software, according to Wikipedia.
It Ain’t BYOD If You Don’t Bring It
What this all means is that Apple can now sell their devices to the military. This does not mean that people can bring their own iPhones and connect them to the government network. Also from defense.gov (my emphasis):
government-issued iOS6 mobile devices are approved for use when connecting to Defense Department networks within current mobility pilots or the future mobile device management framework
See how it says government-issued? A further explanation by the same site (my emphasis):
Officials said the STIG does not allow personally acquired mobile devices to connect to DOD networks.
In other words, they’ll give employees an iPhone. Or an Android phone (as long as it’s a Samsung, I guess, or running KNOX). Or perhaps even a Blackberry. Basically, the DOD, which is already leveraging Blackberry devices for better productivity and communications, is now widening their options in terms of hardware (and possibly software).
No BYOD here. More like CYOD, Choose Your Own Device.
Fool Me Twice, Shame on Me
The capriciousness of the “here come the data breaches” comments are a little annoying. Granted, the military once had a huge problem in their hands due to USB memory sticks, and ended banning all removable media devices on DOD machines. However, I like to think that much has changed since 2008. It seems quite obvious to me that the DOD would have learned something from the experience; they’re most probably not approving Apple and Samsung devices without a good idea of what they’re doing.
Now, you might say, “hey, it’s a matter of when, not if. That’s the nature of data breaches. You can’t really escape it; you can only be lucky enough not to be there anymore when it happens.” In other words, MDM, passwords, encryption, location tracking, etc. are all for naught; attempting to provide security is useless when you know it’s going to eventually happen.
Well, that’s also true when it comes to death. The probability of you meeting your maker is 100% (in a manner of speaking), but mass suicides are severely lacking among the logical crowd. Often times, engaging in the “impossible” is still worth doing regardless of the odds.