Snapshot Mobile Warrior

How to build a secure virtual infrastructure

As the Defense Department moves to a mobile environment, security is a high priority. Virtual desktops can make the process easier, providing centralized control, reduced complexity and efficient management of user access and privileges.

IT organizations can manage security functions primarily on data center and network resources instead of handling hundreds or thousands of desktop devices requiring individual protection.

However, there are still layers of complexity that anyone extending a VDI solution to the mobile environment must address, said Shawn McCarthy, research director with IDC Government Insights. In the case of DOD, there are Department of Defense Information Assurance security accreditation and Common Access Card requirements as well as stringent access controls that all DOD agencies or services must meet, McCarthy said.

DOD is constantly updating its mobile device policies and strategies as the threat landscape continues to expand. So DOD agencies and services have to stay abreast of DOD’s mobile, cloud and enterprise architecture strategies as well as the commercial mobile device implementation plan and IT modernization plans.

With more organizations extending beyond the boundaries of their corporate networks, perimeter protection is even more imperative. Agencies must make sure that mobile requirements do not put environments at risk, industry analysts say.

There is a nice spectrum of innovation going on that is making it easier for organizations “to secure and encrypt data on mobile devices and wrap applications with encryption and policy,” providing secure paths into the data center, said David Johnson, principal analyst with Forrester Research.

With that in mind, VMware developed its Horizon Mobile Secure Workplace, which is designed to provide end users secure and easy access to desktops, applications and data across devices, locations and networks. The technology lets IT departments apply location-aware, policy-driven access to corporate resources via virtual sessions that follow end users across devices and locations.

Over the next several years, look for more advances in technology that allow agencies to confidently integrate mobile devices into their IT infrastructure.

One area of interest is using mobile-optimized thin-client technology capability that provides remote access to sensitive data that would be vulnerable if stored directly on a mobile device. The goal is to ensure that the device can access protected enterprise applications and data from a corporate intranet, keeping the user experience intact.

Forrester analysts say that one way to get security technologies quickly to market in the emerging mobile ecosystem is either as a software-as-a-service or through application programing interface services, according to the firm’s 2013 Mobile Security report. Technologies that analyze malicious and risky behaviors of mobile apps now available in app stores have a unique value proposition. Providing this capability as-a-service will allow integration with mobile device management and mobile application management products as well as consumer-facing security products.

“Forrester also sees an increasing demand for security technologies from mobile-cloud service providers, for whom security and privacy will become a differentiator. Again, the as-a-service model will allow mobile-cloud services to quickly integrate the security capability without retrofitting traditional software for multitenant services,” the Forrester report states.