Plunkett told the Armed Forces Communications and Electronics Association that NSA is focusing its mobile device security strategy on “commercial solutions” for classified communications.
“We very strongly believe that, in the absence of our ability to leverage the capacity of industry to deliver security and components that we need, we will not be able to meet the demand signals from our customers”, she said. “So it’s our intent to do just that.”
NSA is focusing on partnerships with industry in order to understand the “intricacies of certain capabilities”, develop architecture, and test concepts.
Plunkett admitted that a “culture change” will be needed by the US government. “We’ve got to be able to operate in that same cycle [as commercial technology] as we’re looking at putting smart devices in the hands of government users. We’ve got to be able to move quickly enough such that we can also evaluate those new devices and put them in the hands of users in enough time while those devices are not obsolete”, she stressed.
The NSA official said the mobile transition will rely on a “cloud” concept, particularly in the case of customers in hostile environments who cannot afford to waste time after a device is lost.
Plunkett suggested providing users with a mobile device with the appropriate safeguards in place and nothing stored on it. Using the cloud concept, if a device is lost, it could simply be disconnected from the infrastructure, she explained.