Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

Army Partners With Google, Apple On Secure Tablets

The military arm and its technology partners are testing an "iPad-like" device now, to shore up security before deployment.

Inside DHS' Classified Cyber-Coordination Headquarters
(click image for larger view)
Slideshow: Inside DHS' Classified Cyber-Coordination Headquarters
The Army is partnering with Apple, Google, and other mobile technology companies to shore up security requirements for a tablet device that will allow for common access for personnel across the enterprise, the Army's CIO said Wednesday.

"We're testing one device--an iPad-like device--that you embed your CAC (Common Access Card) in, log onto the network and sign," said Lt. General Susan Lawrence, speaking at the LandWarNet 2011 conference. "As long as the industry can bring those [secure] devices to the table, those are the devices we're going to seek out." Lawrence and other military technology leaders held a conference call from the meeting Wednesday with reporters.

Lawrence said the device the Army is testing already works and, as soon it's properly secured, "we're going to put it on our shelves quickly for our units to deploy."

Security indeed is a chief concern as the Army works on its deployment of mobile solutions across its networks, concurred Lt. Gen. Rhett A. Hernandez, commanding general of the U.S. Army Cyber Command, which centralizes command of military cyberspace operations and synchronizes the defense of U.S. military networks.

Hernandez said before he knew the intricacies of securing mobile devices, he was an unabashed enthusiast about approving them for use as quickly as possible.

"From an operational standpoint, I can't wait to get them out there," he said. However, "from a vulnerability standpoint, let's make sure we bring them on and make sure we maintain a trusted and secure environment."

Hernandez said the Cyber Command has a team in place evaluating the security of mobile devices and identifying "what vulnerabilities might these bring so we can get them trusted and secured."

The Department of Defense (DOD) has not yet broadly approved the use of smartphones and tablets for its personnel, but some military branches are already using the devices.

The Coast Guard became the first branch to formally approve the use of iPhones and Android-based smartphones for its personnel earlier this month, and the Department of the Navy said last week it is close to approving iPhones, iPads, Android-based devices, and the BlackBerry Playbook for use on Navy and Marine Corps unclassified networks.

The Army, too, has been testing mobile devices for more than just network access. Through a series of pilot programs, it's been testing equipping soldiers in the classroom and the field with mobile applications via smartphones, as well as building out a mobile battlefield network based on Google's Android OS. Officials, however, did not provide updates on these programs on the conference call.

Join us for GovCloud 2011, a day-long event where IT professionals in federal, state, and local government will develop a deeper understanding of cloud options. Register now.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Firms Improve Threat Detection but Face Increasingly Disruptive Attacks
Robert Lemos, Contributing Writer,  2/20/2020
Ransomware Damage Hit $11.5B in 2019
Dark Reading Staff 2/20/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
How Enterprises Are Developing and Maintaining Secure Applications
How Enterprises Are Developing and Maintaining Secure Applications
The concept of application security is well known, but application security testing and remediation processes remain unbalanced. Most organizations are confident in their approach to AppSec, although others seem to have no approach at all. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-17274
PUBLISHED: 2020-02-26
NetApp FAS 8300/8700 and AFF A400 Baseboard Management Controller (BMC) firmware versions 13.x prior to 13.1P1 were shipped with a default account enabled that could allow unauthorized arbitrary command execution via local access.
CVE-2019-17275
PUBLISHED: 2020-02-26
OnCommand Cloud Manager versions prior to 3.8.0 are susceptible to arbitrary code execution by remote attackers.
CVE-2020-3169
PUBLISHED: 2020-02-26
A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root on an affected device. The vulnerability is due to insufficient validation of arguments passed to a spe...
CVE-2020-3170
PUBLISHED: 2020-02-26
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause an NX-API system process to unexpectedly restart. The vulnerability is due to incorrect validation of the HTTP header of a request that is sent to the NX-API. An attacker could expl...
CVE-2020-3171
PUBLISHED: 2020-02-26
A vulnerability in the local management (local-mgmt) CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) of an affected device. The vulnerability is due to insufficient input vali...