DISA: DoD's MDM, app store procurement in source selection
With the release of its new Commercial Mobile Device Implementation Plan (.pdf), the Defense Department is moving forward with the acquisition process for procuring a combined enterprise-wide mobile device management and mobile application store, according to a Feb. 26 press briefing.
John Hickey, the Defense Information Systems Agency's Program Manager for Mobility, says the MDM/MAS procurement is currently in source selection with a contract award or awards expected in the late spring or early summer. "What we're trying to leverage is software that is already in existence," says Hickey, who added that "more than a dozen companies" have responded to an October 2012 request for proposals.
According to the DISA RFP, the MDM capability will function as a "traffic cop" enforcing policy for network and user end devices. The MDM institutes the policy, security and permissions that define the functions the user is enabled to conduct on the mobile device.
"As end user dependence on mobile devices rises, enterprise management implemented via an MDM becomes necessary to ensure secure mobile device operation and maintenance in a cost efficient manner," states the new DoD implementation plan, adding that MDM capabilities "ensure the security of the entire user community is not compromised by an improperly configured or operated device."
However, the implementation plan is quick to point out that "until the development of multi-level security is a viable construct," separate MDM systems in the classified and unclassified DoD information domains will be implemented.
For its part, the MAS, operating in conjunction with the MDM, will serve as an online digital electronic software distribution system, obtaining user application permission rights from the MDM.
"The MAS can deliver, update, and delete applications on mobile devices without the end user having to return the device for service," states the implementation plan. "The objective of an enterprise MAS is to optimize the functionality and distribution of mobile applications to mobile devices while minimizing replication, cost, and downtime."
Under DoD's implementation plan, DISA is leading the effort to create an enterprise solution to support "Controlled Unclassified Information" mobility requirements that will leverage commercial carrier infrastructure and provide entry points for classified services.
Last year, DISA initiated a mobility pilot to build an enterprise mobile capability that would serve as the wireless entry point into the Department of Defense Information Network. The military services are partners for the unclassified portion of the pilot, while the National Security Agency is a partner for the classified side. Four major commercial carriers are participating in the pilot, Hickey says.
DISA is charged with establishing a DoD Mobility Program Management Office by fiscal 2014 that will provide guidelines for secure classified and unclassified mobile communications capabilities. Hickey says the project office for the DISA mobility pilot established in May 2012, which he manages, will become the basis for the DoD Mobility Program Management Office.