ATF & USMS Mobility Pilot, 9 Feb 2011


Joint ATF/USMS iOS mobility pilot, presented at the 2011 DOJ Cyber Security Conference


Transcript

  • 1. Office of Science and Technology
      ATF & USMS Mobility Pilot: Deploying and Supporting iPads/iPhones in the DOJ Environment
      Rick Holgate, ATF Assistant Director for Science & Technology / CIO
      DOJ Cyber Security Conference, February 9, 2011
  • 2. Factors Driving Mobility at ATF (& USMS)
      • Law enforcement and regulatory missions
          – Most work happens away from the office
          – Productivity enhancement
      • Emergent situations
          – Special operations, major events, ESF 13
      • Increasing demand for real-time information
          – “Knowing what we know”
      • Telework / real estate costs
      • Predominantly controlled unclassified information
      9 February 2011 innovative applications of science and technology 2
  • 3. Why A(nother) Mobility Pilot
      • Spectrum relocation
          – video surveillance
      • Highly mobile ATF (& USMS) workforce
      • Right mobility model for the future
          – Usability and functionality
      • Lessons learned from mobility pilot v 1.0
          – Affordability
  • 4. ATF Organizational Snapshot (round numbers) [Figure: two stacked bar charts, "Personnel" (Special Agents; Industry Operations Investigators; Other Professional Staff; Contractors / Task Force Officers / Others) and "Mobile Data Devices" (Laptops w/secure WiFi; Cellular Broadband; BlackBerries; Windows Mobile)]
  • 5. Overall Pilot Objectives
      • Deliver meaningful functionality
      • Test relevant and complete use cases
      • Understand technical and cost obstacles and implications
      • Demonstrate the ability to secure and manage the devices
      …while maintaining device/OS-independence
  • 6. Why iOS?
      • Market and mind share
      • Grass roots adoption
      • Intuitive applications readily adopted for law enforcement
      • Appealing form factor(s)
      • Easy to use
  • 7. Mobility Solution
      • Secure Email: Security Features; Scalability and Reliability Features; Usability Features
      • Mobile Workforce: Enterprise Applications; Collaboration Applications
      • Centralized Device Management: Provisioning; Production; Decommission
  • 8. Mobility Solution Architecture End User Distribution Packaging ATF Enterprise Mobile Devices Enterprise Applications Outside Mobile Sandbox Applications (Apple, iTunes, Collaborating Android Market) Applications ATF Security Policy Application Profile Distribution Store Mobile Device Control Secure Profiles Profile Sandbox Configuration Profile
  • 9. Core Technical Objectives
      • Device Management
      • Application Deployment Strategies
      • Policy Implications
  • 10. Mobile Device Management Considerations
      • Platform: Apple iOS; Android; Blackberry; Windows Mobile; Symbian; Palm WebOS
      • Feature & Functionality: Security; Software Management; Asset Management; Configuration Management; Performance & Diagnostic; Backup and Restore
      • Security Compliance: FIPS 140 Data at Rest; FIPS 140 Data OTA; AES 256
      • Enterprise Integration: MS ActiveSync; MS Exchange; Active Directory; Tivoli, HP Operation Manager, etc.; ArcSight; BES
  • 11. Mobility Scenarios Functional User Scenarios Application Deployment Scenarios Executive Operational Operational Operational ATF & USMS USMS 1811 ATF 1811 ATF 1801 Office productivity X X X X (email, calendar, contacts) Legacy/desktop applications via Citrix X X X X Document collaboration X X X X App Store applications with X X X X enterprise data Custom applications X X Web applications (internal, external) X X X X Video management X X
  • 12. Application Deployment Strategies Training and Reference Materials (internal content Enterprise Apps: management) • NFOCIS (ATF case management) • JDIS (USMS) Enterprise Data: • MS Office Business Intelligence • Content repository Document Authoring, Collaboration using Sandboxed Access to Enterprise Content: Enterprise Productivity • WebDAV (Exchange, etc.), • Enterprise Content Pinecone Internal Web Apps Management System (ATFWeb, HRConnect) • IDEA/MyFX (?)
  • 13. Application Deployment Strategies Personal accounts (?) Gmail, Yahoo, Hotmail Dictation for integration with productivity apps Personal applications (?) Video surveillance and evidence management (Provided as a cloud- Pinecone based service) External Web Apps: • WebTA • learnATF/learnDOJ • eTrace
  • 14. “How Big is My Sandbox?” Con- Calen- Mail Camera tacts dar App Native (OS) or Phone Web Notes Store App Store apps AirWatch, Ever- Office2 BoxTone note HD Pages Dragon Functionally “Managed segregated Space” Anno- App eReader Camera through tate MDM Pinecone File Calen- Dedicated App Phone apps in a Mgr. dar FIPS 140-2 Good sandbox Con- App Web Mail tacts
  • 15. “Demo”
  • 16. Application Deployment Principles
      • Don’t break the usability and convenience
      • Strive for simplicity
      • Identify minimum technology footprint necessary to deliver the required functionality
      • Deliver cross-application integration where logical
      • Provide single sign-on where/whenever possible
  • 17. Policy Implications
      • Personal vs. government devices
      • Personal uses
          – Applications
          – Data
      • Commercial application purchase and distribution
  • 18. iOS Devices: More Like a Browser or a PC? Browser PC Personal “Apps” Locked/Managed Desktop (Facebook, YouTube, …) – white/black list No User-Installed (Personal) Apps Secure. Managed Browser (“Sandbox”) Device-Wide Management Reasonable Use Device Encryption
  • 19. Where This is Leading: Notional Future Mix of User Devices
      • Phone, Slate, Virtual Desktop Infrastructure
          – Simple, manageable, highly functional mobile devices
          – Apps and data available anywhere / from any platform
          – Desktop interface and power if/when needed
      • Office “kiosks”; home
          – Tighter security management
          – Significantly lower cost per user
  • 20. Staying Engaged
      • Regular progress meetings – open to DOJ Components
      • ATF POC – Michael Wallace, michael.wallace@atf.gov, (202) 648-9322
      • USMS POC – Roland Perez, roland.perez@usdoj.gov, (608) 661-8225
  • 21. Questions?
  • 22. Backup
  • 23. Architecture: ATF vs. Traditional Environment
  • 24. Secure Email Solution
      • Security
          – AES 256 bit encryption email and data
          – Certified FIPS 140-2 cryptography
          – Secure Sandbox solution and run time protection
          – Secure browser, file manager, camera, and image storage in the sandbox
          – ATF Application Distribution Store authentication
      • Scalability & Reliability
          – Ownership of data, does not rely on external relay or Network Operation Center (NOC)
          – Dedicated and secured relay
          – Scalability by chained and redundant relays
          – Provide ATF with a flexible deployment strategy. Different Sandbox IPA to target different user groups
      • Usability
          – Highly customized ATF Application Store
          – Over-the-Air (OTA) download and install Sandbox to the handheld device
          – Multiple home screen options inside the Sandbox
          – Support ZIP file attachment
  • 25. Mobility Workforce Solution
      • Enterprise Applications
          – Dashboard
          – Business Intelligence
          – WebTA
          – HRConnect
          – FO PettyCash
          – FO Documents Publishing
      • Collaborating Applications
          – iWalkie
          – Secure Chat Room
          – GoToMeeting
          – eReader
  • 26. Centralized Device Management Solution
      • Provisioning
          – Assign group membership and policies
          – Configuring device for connectivity
          – OTA delivery of management client
      • Production
          – Track asset data
          – Update/repair software
          – Distribute and update Large Object Binary (LOB) data and files
          – Software license usage and tracking
          – Schedule and automate activities
          – Remote control of devices
      • Decommission
          – Disable lost/stolen device (remote kill/lock, access violation lock)
          – Restore data, redeploy software assets, re-provisioning and re-image device
  • 27. Centralized Device Management Solution

      | Feature | Afaria | AirWatch | Boxtone | MobileIron |
      |---|---|---|---|---|
      | Disable applications | X | X | X | X |
      | Broadcast SMS, APNs | X | X | X | X |
      | OTA Enrollment | X | X | X | X |
      | Over-the-air download and update | X | X | X | X |
      | Passcode policy enforcement | X | X | X | X |
      | Platform - Apple iOS | X | X | X | X |
      | Track inventory & audit compliance for corporate governance | X | X | X | X |
      | OTA self-provisioning of devices with central control | X | X | X | X |
      | OTA app deployment via enterprise app catalog | X | X | X | X |
      | Certificate management & distribution (SCEP) | X | X | X | X |
      | Enterprise Integration - Microsoft ActiveSync | X | X | X | X |
      | Web-based console | X | X | X | X |
      | AD integration (authentication, authorization, policy mapping) | X | X | X | X |
      | Feature enable/disable (camera, SD, Bluetooth, WiFi, apps, iTunes, cookies) | X | X | X | X |
      | Password enforcement (length, age, complex, inactivity, expiration, history) | X | X | X | X |
      | Application Blacklisting | X | X | X | X |
      | Application Whitelisting | X | X | X | X |
      | Asset management | X | X | X | X |
      | Fully integrated audit trail | X | X | X | X |
      | Enterprise Integration - Microsoft ActiveDirectory & LDAP | X | X | X | X |
      | Lockdown device port (Infrared, WiFi, Bluetooth) | X | X | X | X |
      | WiFi pre-config (SSID, Hidden Network, Security Type, Password) | X | X | X | X |
      | Detailed deployment & utilization by user, device, carrier, platform | X | X | X | X |