Good For Enterprise from Good Technologies has just become the first non-BlackBerry mobile collaboration and device management software to be certified by the Defence Signals Directorate (DSD) for use in Australian government environments that require high levels of data security. Will that development also prompt more companies to consider these kinds of solutions?
As we've noted before, security decisions around bring-your-own-device can range from "we must lock everything down" to "use what you like and you can support it yourself". That latter approach doesn't work in more security-sensitive environments such as government, which is where DSD's imprimatur can become significant.
"A couple of years back the Australian government recognised that there was an opportunity to use iOS devices for productivity and efficiency savings, and to move beyond the use of just the BlackBerry," Good Technology public sector VP Chris Roberts told Lifehacker. "This is the first time since RIM did it that the DSD has certified any other platform for use at the protected level in the Australian government. It's a huge step forward from the mobility point of view."
While it does give government departments the ability to roll out secured iOS devices, the certification doesn't yet cover other platforms, such as Android or Windows Phone. That's potentially an issue given Android's growing popularity.
"Other platforms like Android and Windows will come," Roberts predicted. "Android is absolutely picking up steam around the world. The different permutations on the different devices are tough, and there are so many different releases of Android out currently You have to target specific hardware manufacturers who work with a specific OS in order to reach a baseline for certification. My expectation is that's next for DSD; I'm certain they want to extend this out."
To return to the main question: will this also encourage non-government businesses to use more robust mobile security? "I think that does happen," Roberts suggested, but he also noted that the government accreditation process is slow compared to the pace of mobile technology development.
"The certification and accreditations process has never been more important for governments, but the timeline around that and the way those processes has worked has to be examined. Common Criteria can take two years to achieve, and in mobile operating systems that's an eternity. The way they're evaluated has to be examined."
There's also a need to look not just at securing devices, but why we have them. "What I'm beginning to see is this move up the mobility maturity curve where there are real mobile strategies that take everything into account and focus on outcomes: not just who owns the device or how we secure it."