As BlackBerrys and other products wear out, employees increasingly will provide their own devices for work.
The next four to eight years in federal IT will be defined by what workers increasingly lack, experts say, including agency-issued phones, tablets and even laptops for telework.
“Bring your own device” policies already have been rolled out at some agencies, mostly on a voluntary basis. As the years roll on and agency-issued BlackBerrys and other product lines wear out, those policies will become increasingly common and, in some cases, mandatory, experts say.
The most basic reason is efficiency.
“Apple just released the iPhone 5,” said Darren Ash, chief information officer at the Nuclear Regulatory Commission and president of the American Council for Technology. “In the Android market it seems like a new model comes along every month. We can’t keep up.”
But there’s a deeper reason too. Just as the government doesn’t provide most employees with cars or Metro passes, some argue there’s no fundamental reason agencies should spend energy and resources providing workers with cellphones when they’re perfectly willing to get one for themselves. In fact, many employees would rather choose the product they want. It’s a trope of government technology conferences that many federal employees carry a government-issued BlackBerry in one pocket and a personal iPhone or Android in the other. In theory, reducing that clutter would be good for agencies, employees and the government’s carbon footprint.
Agencies have said they might offset this new employee burden with a stipend.
But resistance to a BYOD policy has been twofold. First, officials don’t trust iPhones and Androids to keep government information secure from hackers. Second, agencies aren’t sure they trust employees to not leave devices full of sensitive government documents sitting unsecured in the back seats of taxis or let children play Angry Birds on them.
Employees, for their part, don’t much like the idea of giving security officials power over their devices, which can be the equivalent of a personal diary, a calendar and a family photo album wrapped into one.
Officials are likely to crack both of these problems over the next administration or two, experts say. At the center of both will be a robust identity management system -- one that knows who you are and where you are and that can keep work and personal information separate, said Karen Evans, who was e-government director during the George W. Bush administration. On the work side of the device, security officials would be able to control settings and remotely wipe away any data if the device was compromised, she said. Evans is now national director for the U.S. Cyber Challenge, an organization devoted to bringing more technology students into the public and private cybersecurity workforce.
An effective identity management system also would require a mobile-based biometric identification, such as a fingerprint or iris scan, to reach classified or sensitive information, IBM’s Chenok says. That technology isn’t commercially available and there are no government standards for it, but it should be on its way within the decade, he says.
With BYOD, as with collaborative technologies and other advances, four or eight years might be long enough for the beginning of a culture change, but the government moves like a battleship not a speedboat, said Steve Charles, co-founder and executive vice president of ImmixGroup, a federal technology contractor. The rule, he says, will be a lot of pilots and a lot of time before the ship of state changes course entirely.
“Look at how long it took for management to start to take seriously the idea that you can legitimately telework,” he says. “That took five or six years at least. The same thing will happen with BYOD or BYO anything. The activities from one shop to the next are so disparate. The idea the whole government is going to wholesale change how everyone operates is ridiculous. The short answer is it’s going to happen piecemeal.”