WASHINGTON -- As federal CIOs develop new strategies to support an increasingly mobile workforce, they will inevitably have to decide whether or not to adopt a bring-your-own-device policy, just as a similar challenge confronts their counterparts in the private sector.
For some agencies, the answer is a hard "no."
"I'm not doing BYOD," says Coast Guard CIO Rear Adm. Robert E. Day Jr., who also serves as director of the Coast Guard Cyber Command.
Day, speaking at a federal IT conference hosted by the media group FedScoop, explained that many agencies dealing with sensitive or classified information are sticking with government-issued devices in the absence of clear policies for the use of personal equipment in the workplace.
The fear of losing sensitive data has kept many federal CIOs from adopting BYOD policies. It's not necessarily that the devices themselves are insecure, according to Day, but if a worker's personal phone with work data stored on it is lost or stolen, and security protocols would normally dictate that the device be remotely wiped, would the agency IT staff then be compelled to erase all the contents of the phone?
"There's the issues of what if I wipe your device and you lost all the pictures of little Susie and little Johnny and they weren't backed up? We're going to have to have some policies that go into place with this and figure that piece out," he says. "Having full MDM (mobile device management) capability across the device is absolutely key."
"We're going to have to have some limitations on a personal device and then, again, the documentation that you are going to sign over saying that if I blow your device away with all your financial data and all your pictures that you did not back up, I'm not responsible for that," he adds. "I think we're going to get there, but until I get those security pieces put into place it's going to take a bit."
BYOD Security Biggest Concern
Security, more than any other factor, is the greatest concern for CIOs like Day, who worry that loose management policies would open the door to intrusions into the device that could compromise sensitive government or enterprise data.
"What about a keyboard logger being installed on your private side of the device, and it's not the part that I'm managing?" he asks.
Federal CIOs' stance on BYOD, which varies from agency to agency, remains a work in progress, as is the gradual shift to the cloud and other government IT priorities that the Obama administration has outlined.
Last January, Federal CIO Steven VanRoekel announced the launch of a government mobile strategy, tasking departments and agencies to develop guidelines for the devices they would allow into the workplace, along with a host of other mobility issues, including policies for apps and suggestions for deploying mobile technology to drive efficiencies and deliver better services to citizens.
Sign up for CIO Asia eNewsletters.