We all know that the topic of Bring-Your-Own-Device always prompts a riveting discussion amongst Government agencies. Department of Defense agencies are especially averse due to the underlying security concerns of exposing a secure defense network to non-GFE personal devices. It was no different at the Mobility Work Exchange townhall meeting just a few short weeks ago where I had the dubious honor of moderating the “BYOD in Action” session, featuring the CTO of the Defense Logistics Agency (DLA) — Mr. Joshua Lashbrook.
We kicked off the discussion with the mention of the Federal CIO Council’s BYOD Toolkit released last year. In it, there were three key solutions for BYOD that were recommended as part of the guidance (I spoke about these already in my earlier blog here). For our discussion at the MWE session, we focused primarily on Virtualization, as it has a long, proven history within Federal agencies and meets Defense-agency-specific security needs by eliminating data-at-rest concerns on endpoints.
Mr. Lashbrook spoke at length about DLA’s move towards App/Desktop Virtualization and how he has leveraged it for a “Home Use” Program to empower his agency’s employees for telework and COOP scenarios.
DLA’s “Home Use” program allows 28,000 employees across several field sites to use their personal devices from their home network using only the Citrix Receiver, a commodity CAC reader for authentication and simple anti-virus software. One of the attendees of the session posed a poignant question — if a user is not allowed to “bring” their non-GFE device into the office, only “use” their non-GFE device from home — can this truly be a “BYOD” program?
Do Federal agencies truly want a policy that permits non-GFE devices to be physically plugged into a secure Federal network? Several commercial enterprises implementing BYOD policies usually create an isolated WiFi network that provides internet-only access to help secure the “corporate LAN.” This treats all BYOD users, whether physically located on-site or off-site, as remote users. Although this type of architecture may not be an immediate reality for Federal agencies, providing “remote” Use-Your-Own-Device (UYOD) access from home for non-GFE devices may be a middle ground that would empower users while Federal network architecture and policies catch up.
Read more about Defense Logistics Agency’s program in the following whitepaper to learn how they leveraged Virtualization as a step on their path to a true Federal BYOD program:
Feel free to continue the conversation in the comments section below and be sure to follow me on Twitter @virtfaisal for more information on the evolution of Federal BYOD.