Booz Allen Hamilton

Adaptable Security: A New Frontier for the Mobile Federal Workforce

In order to embrace a more mobile workforce, government stakeholders need communication tools that factor in real risks, perceived risks, and future risks for a strengthened, comprehensive security posture.

As the federal government works to embrace mobility adoption to unlock new capabilities, there is room to grow when it comes to proactively mitigating risk for a more flexible environment. Protocols for switching between classification designations have been particularly challenging to address security posture.

Meanwhile, as federal leaders seek to balance the need for mobility without compromising security, many government employees have become dissatisfied with the access and tools currently provided.

“The end users that can benefit the most from mobility really don’t feel empowered to challenge their organizations’ security groups, so most times they remain silent,” says Jason Myers, a technical director for product at Booz Allen Hamilton. “As a result, leadership doesn't have the right data that new mobility capabilities can offer, and subsequently cannot make a risk-based decision on how to balance security risks.”

Myers is one of several developers who helped invent and launch District Defend®, which runs on select Dell devices, to navigate and ease adoption of mobility, while reducing costs and risk. Further, it eliminates the need to use multiple devices to ensure compliance in different locations with varying security requirements. The technology automatically updates to enforce security based on pre-defined contexts on just one device, saving overhead purchasing costs and allowing employees to move seamlessly and securely between locations.

District Defend’s in-depth approach to security enforcement mitigates sophisticated threats that have previously gone unaddressed. The endpoint device needs have secure hardware, not just software — a central idea to the solution’s development. Every new feature and sensor tacked on to devices in the government workplace is a threat, so hardening the endpoint was the logical step. “We need to understand that threat is always going to persist but it can be mitigated by providing an underlying security layer that bridges enforcement gaps between a devices hardware, firmware, and software,” Myers says.

Nearly three-quarters of federal respondents in a Government Business Council survey said they collaborate with colleagues in disparate locations either daily or weekly. However, tightened tension between established interagency security standards and mobility has delayed the government’s ability to fully embrace and rapidly integrate mobile technologies. A recent survey exploring the mobility and security paradigm in the federal workplace found that 60 percent of respondents feel “stringent security controls” inhibit mobility, although nearly 75 percent reported mobility as a “very or extremely important” asset for their organization.

“The easiest thing for security teams to say is ‘no’, and that’s really not challenging,” Myers says. “That doesn’t prove a security expert’s prowess. The best security experts most beneficial to government leaders are the ones that help them say ‘yes, and here is how we can safely make it happen.’” This empowers government leaders to put the mission first to “adopt new capabilities in concert with large-scale technology revolutions, without putting excessive compliance burdens on end users.”

After working with executives and leadership in the government space for over 12 years, Myers understands the skepticism that greets newly introduced technologies. His takeaway: Solutions need to consider the real risks, perceived risks, and future risks nation-states must face, and secure the endpoint to mitigate those risks as well as human error.

Myers emphasized the device’s need to be protected so data stays safe, but this shouldn’t mean greater costs. “There are a lot of waivers and exemptions, and a lot of costly hardware modifications that just doesn’t scale to the enterprise,” he says, such as removing cameras and microphones from approved devices. District developers worked backwards, finding a way to streamline mobility and give users access on-the-go in fully-equipped tablets and laptops complete with physical and cyberattack prevention.

To comply with varying security restrictions across work environments, District will automatically turn off a laptop if it exits a building without approval, and will wipe data from the device within a set amount of time if it does not return. District Defend automates the policy enforcement process, simplifying management and creating space for government processes to be reimagined. Myers and his team built the technology completely integrated into the hardware itself, cutting costs and complexities of multilayered products. This eliminates the difficulty and costs of a scaled security installation after hardware production.

Convenience Without Cost

Mobile solutions, like District Defend, ease the cultural change to a more productive and efficient workplace, as well as add to the quality of life for employees. Less time is wasted trying to track down people when they’re not at their desks in unsuccessful phone tag. Myers’ three children were born while he was working in a classified space. “Just getting ahold of me when [my wife] was going into labor was a constant challenge,” he says. This cultural transition is a critical component for seeking out the future workforce, where talent recruitment and retention relies on an up-to-date and innovative mobile work environment. Deliberate technology integration and education can help agencies create a sustainable and secure workplace culture for the future generation that has grown up collaborating and communicating seamlessly.

“From a security perspective, we wanted to make sure that users still had the ability to do their mission,” Myers says. “People need to do their jobs, so it’s a matter of giving them the tools necessary to do their jobs securely and at pace with innovation. That’s really what we tried to focus on.” 

For example, one agency set up a mounted tablet with District Defend technology to take passport photos. Instead of having an employee snap pictures, a user could just come up and tap the app. That organization is saving thousands of dollars a year by adopting one single tablet, according to Myers.

District Defend facilitates government missions and processes to unlock fundamentally new capabilities and streamlines mobility to increase collaboration across the organization. It does so by securely speeding up processes and bypassing security setbacks. “The biggest benefit is letting people collaborate with their peers more in mission team scenarios instead of statically,” Myers says.

This content is made possible by Booz Allen Hamilton. The editorial staff of GovExec was not involved in its preparation.