• How the Government’s Joint Information Environment Creates Secure Mobile Communications

    Mesh background pattern Mesh background pattern Mesh background pattern
    • The Department of Defense (DoD) and its key Information Technology players (including the Defense Information Security Agency (DISA) and the DoD Chief Information Officer (CIO) are embarking on a new enterprise technology project designed to increase the efficiency of the U.S. military in peace, crisis and war. This new environment is called the Joint Information Environment, or JIE.

      Goals of the JIE are to improve DoD’s ability to share information between elements of the military with other government agencies, and also with industry and academia when it’s required. This is a central piece of the information-sharing solution the government is putting in place to help ensure our nation’s security in the modern age.

      In an October 2012 interview, the DoD’s architect of the JIE, Dave DeVries, said, “If you think about it, everything we do is about sharing information, whether it be information about a known threat out there or how the forces are arrayed and how they’re performing.” He underscored that information is meaningless unless it is securely delivered into the hands of those who need it, and because there are so many separate networks in DoD, this is much easier to say than to do.

      The JIE will take separate networks and collect them into a
shared architecture, which is slated to be fully operational in 2016. DeVries said the JIE will provide every user with the ability to get onto a secured device wherever they are — at home, at work or on the move — to get the information they need in a secure, reliable fashion.

      Much of what the JIE will be doing is breaking down existing stovepipes and firewalls between the agencies and their networks, including major enterprise systems like email since each currently runs their own. The JIE is also relying on advances in cloud computing to enhance this new architecture, and will create a comprehensive strategy to ensure it’s secure. Like the best enterprises in the industry, the DoD sees a future where smart devices will be powered by the significant capabilities that can come from internal data centers via smart cloud computing activities.

      DoD’s Deputy CIO, Rob Carey, underscores how important the JIE is to DoD plans, stating it is “central to the DoD mission.” With the JIE, DoD seeks to meet a challenge of ensuring the delivery of information in a secure way to anyone who needs it from any device, anywhere, any time.

      Rob Carey describes this need for JIE by pointing out the following six key descriptors of the DoD IT infrastructure today:

      • Hundreds of suboptimal data centers and networks incur unnecessary costs.
      • Limited interoperability reduces information sharing and collaboration on mission threats.
      • Increased demand for new technology on rapidly evolving devices.
      • IT programs average 81 months each. They cannot rapidly and efficiently field new technology to meet needs on this schedule.
      • Cybersecurity vulnerabilities threaten to exploit classified information and endanger our national security.
      • Current IT delivery process hinders our ability to take advantage of new commercial technology.

      In meeting these challenges, Rob Carey, Dave DeVries
and others on the DoD team have designed an architecture for the JIE that consists of several key elements, including:

      • Common architecture and design, including implementation guidance.
      • Common identity management and attribute-based access control.
      • Common enterprise service approaches.
      • Common governance framework. Observers of the action underway in DoD now see these steps as positive best practices that can really help move the department forward to a more agile, responsive, economical state. In times where there is significant downward budget pressure, this is critically important.

      As you can tell from above, one item DoD leaders are paying close attention to is cyber security. Add to this the need to serve mobile users on a variety of devices and it brings up the very important need for policies, processes and technologies to protect information on mobile devices, including dealing with the increased need for visual privacy and compliance.

      Visual privacy is the need to protect information from being seen by the wrong person. When sensitive data is displayed on a screen it is vulnerable to viewing, either by “shoulder surfing” or by advanced optics used by more sophisticated adversaries. As DoD’s needs for agility increase, the implementation of JIE will result in not only more mobile devices but more laptops and desktops used in common areas, including common areas of secure facilities. Visual privacy remains a concern even in secure facilities since not everyone is cleared for all information. Information on screens must be protected from risk of exposure by passers-by. Visual privacy controls, such
as privacy filters on laptops or computers and privacy screen protectors on phones and tablets, are going to be an important part of the new DoD JIE, since they are a useful tool to prevent inadvertent disclosure of information to those looking at the display from the side.

      Did you know?

      • 17% of cell phone owners do most of their online browsing on their phone.1
      • 71% agree that by 2020 most people don’t do their work with software running on a general purpose PC, but instead they will work through Internet-based applications.2

      1Cell Internet Use 2012, Pew Research Internet Project, 2012.

      2The Future of Cloud Computing, Pew Research Internet Project, 2010.

      3M is a trademark of 3M Company. ©2015, 3M. All rights reserved.