DHS Prioritizes Virtual Desktop and Mobile Security

by Stephanie Sullivan, Consultant

AFCEA DC’s Mobile Apps Security Panel discussion held on June 24 highlighted some of the top priorities and challenges for DHS, as well as several other agencies including: DISA, DOD, GSA, and NIST. DHS continues to place emphasis on automating and authenticating applications, as well as a continued focus on their workplace-as-a-service cloud offering that aims to provide virtual desktop and mobile device management capabilities.

Two things you should be aware of:

1. Federal “App Store” – According to Mr. Robert Palmer, Director of Information Assurance, Information System Development Office at DHS the agency is currently working with GSA to broaden use and come up with a collective effort for standards. Meaning agencies need to come up with standardized criteria to test applications, and align that criteria across the Federal Government, which could eventually allow for the stand up of a Federal “App Store.”
2. The “Car Wash” – DHS is still in the proof-of-concept stage for its enterprise-wide mobile device management application process called the “car wash.” This process allows the agency to follow applications through their life cycle, including testing, vetting, and validating data. The car wash methodology allows for the data and code to be cleansed and become secure and trusted for exchange with other agencies or with citizens.

According to Keith Trippie, Executive Director, Enterprise System Development Office at DHS he finds car wash efforts to be an innovative approach combining continuous integration and development to speed mobile app development by automating security and usability scans as well as testing.

Mobile security needs for DHS could include: data tagging, automation tools, and application security solutions.