Government Technology

What to Consider When Moving Off BlackBerry

June 25, 2012 By

Is your state or local government agency debating a jump from BlackBerry to another smartphone brand? If so, experts agree success is tied to the amount of attention given to the behind-the-scenes aspects of the project.

While smartphones in general are thought to be fairly intuitive to learn and operate, administrating their use and security can be fairly complex. The National Oceanic and Atmospheric Administration (NOAA) began moving to iPhones in 2012. Zachary Goldstein, NOAA’s deputy CIO, believes you’re likelier to have a smoother changeover if you treat the task as a full computer system overhaul.

Goldstein stressed the importance of remembering that mobile devices are small computers, not just phones. So all the things associated with a computer transition should be applied when moving mobile platforms.

“Like any IT project, you need to plan it, you need milestones and to manage it, and you need to hold people accountable,” Goldstein said. “Don’t think about it as just buying a different phone — it’s not. It’s a computer conversation, and you need to give it the respect that’s due and handle it accordingly.”

Technology analyst Rob Enderle of the Enderle Group agrees. Applied to business and government, the BlackBerry solution isn’t just a set of phones. The back-end ecosystem that comes with it — providing security, tracking and compliance functionality — doesn’t exist in any other smartphone system, Enderle said.

Third-party offerings are available for iPhones and Androids to provide those crucial functions, but agencies can’t simply remove a BlackBerry system for another platform and consider the project finished.

“In most cases, when companies or government entities yank out BlackBerrys, employees are often allowed to pick their own phone or device and use that instead,” Enderle said. “But if the tracking mechanisms aren’t in place, immediately the agency may be in noncompliance [with policies or law]. So thinking through that aspect of it becomes critical.”

Although NOAA isn’t yet operating a bring-your-own-device policy, Goldstein has three recommendations he believes federal, state and local government agencies should follow prior to ditching their BlackBerrys:

  • Procurement — Determine how the devices and associated data plans can be secured and do the proper cost comparison between platforms.

  • Support — Does your agency’s help desk have the ability to support other smartphones, and do staff understand the technology?

  • Data migration — Make sure a proper plan is in place to move sensitive information from one device to another.

Although NOAA is still in the midst of transferring employees to the iPhone, officials said everything has gone fairly smooth so far, with no real challenges or complaints. Darone Jones, unified messaging service operations manager for NOAA, said agency employees are looking to the future and are excited to see how the devices will improve productivity, particularly out in the field.

But Jones stressed the importance of planning ahead and being flexible and involved throughout the actual implementation process. Because as instinctive as some smartphones are from a user perspective, there will inevitably be employees who need a bit more support.

“Do the math ahead of time, treat it like it is an IT system, communicate and collaborate internally with all your folks,” Jones said. “And once the decision is made, then also provide the training to get [users] over the hump.”

Security Still Paramount

Despite the growing popularity of both the iPhone and Android devices, BlackBerry’s trump card remains security. Because the BlackBerry system comes complete with its own server and security package built into the back-end software, it remains a popular mobile platform for government users.

The iPhone and Android devices are more popular among consumers, but they also come with higher security risks.

Enderle said the Android platform generally has been found to be unsecure, primarily because it allows for sideloading, where individuals can transfer data between two devices using a USB port, Bluetooth connection or memory card. That helps spread “hostile” applications and malware that report information on the device to third parties and could be a serious problem for government agencies.

“At a recent enterprise event, about one-third of the companies were actively blocking Android for that reason — because it wasn’t compliant with security policies,” Enderle recalled. “With the proper back end, iPhone can generally be used and does now meet security [standards]. But you also have to wrap it with the appropriate applications so the device is properly secured.”

While NOAA ultimately went with iPhone in place of BlackBerry as its device of choice, the agency determined that the combination of putting additional security controls on the iOS platform, along with some tweaking of mobile settings in Google Apps for Government — which NOAA also moved to —  were sufficient actions to secure the devices.

Enderle, however, thinks it’s prudent for government agencies to spend a lot more time educating users on employee-generated problems. He said a good starting point is having discussions about the kinds of applications that can be loaded on a device. Placing restrictions on how the smartphone is used is another option.

In addition, Enderle said an agency’s IT support staff should be highly trained to look for problems and to identify and report issues that violate security.

“Some kind of remediation has to be in place to recapture the information or to identify the criminal activity and prosecute the behavior,” Enderle said. “So there’s quite a bit of training that needs to go into it because Android and iPhone are not BlackBerry.”

| More


Add Your Comment

You are solely responsible for the content of your comments. We reserve the right to remove comments that are considered profane, vulgar, obscene, factually inaccurate, off-topic, or considered a personal attack.

In Our Library

White Papers | Exclusives Reports | Webinar Archives | Best Practices and Case Studies
McAfee Enterprise Security Manager and Threat Intelligence Exchange
As a part of the Intel® Security product offering, McAfee® Enterprise Security Manager and McAfee Threat Intelligence Exchange work together to provide organizations with exactly what they need to fight advanced threats. You get the situational awareness, actionable intelligence, and instantaneous speed to immediately identify, respond to, and proactively neutralize threats in just milliseconds.
Better security. Better government.
Powering security at all levels of government with simpler, more connected IT.
Cybersecurity in an "All-IP World" Are You Prepared?
In a recent survey conducted by Public CIO, over 125 respondents shared how they protect their environments from cyber threats and the challenges they see in an all-IP world. Read how your cybersecurity strategies and attitudes compare with your peers.
View All

Featured Papers