New threats reported by F-Secure underscore Android's vulnerability and may make it even harder for enterprise professionals to embrace Google's mobile OS.
The CIA's biggest tech challenge: secure mobility
The Central Intelligence Agency has a lot of technology challenges, but its biggest one is adapting to a wireless world.
The agency's chief technical officer, Gus Hunt, spoke at the AppNation conference yesterday in San Francisco -- a rare public appearance for members of the intelligence service. Hunt became the CTO about four years ago, and began by defining several key technology goals.
Number one: secure mobility.
Today, Hunt said, the devices used by analysts at work are 99.9% wireline-connected computers, and only 0.1% mobile devices. (Mostly BlackBerries and older custom devices, according to another source who spoke on background.)
But Hunt knows the world is moving wireless. "We recognize it's a mobile world out there. It's the inevitable outcome of everything that’s happening. I believe [in a few years] you won't be able to buy an ethernet-connected device of any kind." He continued, "But I'll tell you, wireless is not secure."
Today, he said, analysts who use mobile devices for work have two devices: one for classified work, and another unclassified one for everything else. Eventually, Hunt said, the CIA would like to get rid of these dual devices, but it's a long way off. "We're trying very intently and very acutely and pushing this space very, very hard. But trying to address mobile security is just a tough one."
Another tech priority for the agency is creating micro-apps or applets that perform very specific functions, then allowing analysts to mash them up into larger apps based on their own needs. Then, analysts are encouraged to put these mash-ups back into the common repository. Here, the agency is encouraging "self composed outcomes by users, as opposed to us doing the hard thing, which is to figure out what user wants to do. That's always been a compromise."
Private-sector companies are starting to do similar things. For instance, Clif Triplett, the CIO of oilfield services company Baker-Hughes, recently spoke about the rise of micro-apps at a CIO Perspectives forum in Houston TX.
Hunt also listed four other tech priorities for the agency.
Do you know what information your employees are creating, and where they're storing it? Could you retrieve it if required by law? Are they destroying information that's supposed to be kept, or keeping information that's supposed to expire after a certain date? Data governance is going to become a big deal in the coming years, warns CITE Conference speaker Deborah Juhnke.
Devices from BlackBerry and Samsung Electronics were earlier also cleared by the department.
Sony is a text book example of a disrupted company --and the same thing could happen to your IT department if you're not careful.