Security Experts:

Department of Defense Makes Move Towards Android

While the move is far from a total change of stance, it looks as if the Pentagon has started to open its heart and mind to something other than BlackBerry. According to the latest Security Technical Implementation Guide (STIG) overview, the Defense Department is open to the idea of devices running Android 2.2, but so far only one device has made the cut.

Android in Department of DefenseDepartment of Defense AndroidThat device, Dell’s Venue, would have been joined by the Streak tablet until it met its demise at the manufacturer's chopping block. Other Android devices, such as those from Motorola, HTC, and Samsung, are not allowed. Still, the allowance of Android is a serious step forward for the open platform.

There are still plenty of restrictions however, including the lack of full feature usage on Dell’s device. Moreover, classified information will not find its way on to the Venue, nor will any aftermarket applications, as Google’s Marketplace is restricted as well. Browsing is restricted too, as all traffic from the Android device must pass though a DOD controlled proxy.

For years, BlackBerry has been the mobile device of choice, so the option of an Android device is a progressive step forward. Far from a huge leap, it still something that iOS has yet to accomplish, other than pilot program usage and testing. With that said, the government will have a hard time moving away from RIM’s BlackBerry, considering the full set of security features that Canada’s handset maker has developed and deployed over the years.

Speculation has it that if the Pentagon were to ever move to adopt Android for widespread usage, it would only be due to the fact that they developed a custom version of the mobile OS to load onto a given device. Perhaps a build that doesn't include Carrier IQ?

The STIG specs for Android, Windows Mobile, BlackBerry, and iOS can be found here

Developer Resource: 2011 Device Developers' Security Report

view counter
Steve Ragan is a security reporter and contributor for SecurityWeek. Prior to joining the journalism world in 2005, he spent 15 years as a freelance IT contractor focused on endpoint security and security training.