Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Mobile & Wireless

Good Technology Earns Defense Department Approval for Secure Android Platform

Good Technology Delivers New Military Grade STIG-Certified Android Solutions for U.S. Department of Defense Agencies

Good Technology Delivers New Military Grade STIG-Certified Android Solutions for U.S. Department of Defense Agencies

Good Technology, a provider of secure mobility solutions, said on Wednesday that its government-based subsidiary (Good for Government) has been approved by the Defense Information Systems Agency (DSIA) to provide mobile device management and DLP technologies for devices used on the DoD’s Global Information Grid.

Good Technology LogoThe announcement comes just after it was announced that the Pentagon will finally allow Android on its network. Currently, the only Android device approved by the DoD is the Dell Venue. Other Android devices, such as those from Motorola, HTC, and Samsung, are not allowed.

There are still plenty of restrictions however, including the lack of full feature usage on Dell’s device. Moreover, classified information will not find its way on to the Venue, nor will any aftermarket applications, as Google’s Marketplace is restricted as well. Browsing is restricted too, as all traffic from the Android device must pass though a DoD controlled proxy.

Dell’s tablet device also Android-based, the Streak, would have made the approval list as well, but Dell killed its development. Good Technology however, was already approved for usage on Streak, and Wednesday’s announcement centers on the point that the technology available for the Streak can be adopted and used on the Venue and other Android devices as they are approved.

Related Reading: Forget Mobile Malware. How Can Developers Protect Legitimate Mobile Applications?

Good Technology’s offering is the first STIG-certified Android OS solution that meets the requirements set forth by DoD Directive 8100.2, which mandates use of secure, multipurpose internet mail extension (S/MIME) in conjunction with a DoD common access card (CAC) and interoperability with the Department of Defense Public Key Infrastructure (PKI).

The secure Android platform leverages Good for Government technology to provide secure access to information stored within a command’s enclave and usually only accessed with desktops/laptops, such as command and control programs, as well as access to a number of powerful business applications on Dell devices that allows members of the military to operate with desktop-like capabilities in a protected mobile environment. Employees can also access critical agency resources behind the firewall, such as intranets or other web-enabled applications, through an integrated secure browser.

“The world of smartphones, tablets and mobile devices is evolving rapidly and changing the way DoD agencies think about everything from telework to continuity of operations (COOP) as well as information assurance. Having worked closely with the DoD for the past five years, we recognized there was a need to close the gap between what today’s DoD personnel were able to perform utilizing currently approved mobility platforms and what they wanted to do,” said Chris Roberts, vice president of public sector at Good Technology.

Advertisement. Scroll to continue reading.

Using Good for Government’s mobility suite, sensitive data from Microsoft Exchange servers located in DoD data centers can be passed and managed to Good’s email application to end-point Android devices wirelessly. The transmission uses a FIPS 140-2 validated cryptographic module with AES encryption. Thus, the data is protected in transit and at rest.

Good’s container-based technology prevents data leakage to non-secure applications. The DoD can use Good’s Web-based management console to manage Dell Android devices and all other device platforms on the network simultaneously.

The management console also allows administrators to block access from potentially compromised devices that may have been rooted by either the end user or a malicious attacker as well as to remotely wipe lost, stolen or retired smartphones to mitigate potential data leakage.

Related Reading: Forget Mobile Malware. How Can Developers Protect Legitimate Mobile Applications?

Developer Resource: 2011 Device Developers’ Security Report

On Demand Webcast: Protecting Data in Mobile Apps

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

Mobile & Wireless

Samsung smartphone users warned about CVE-2023-21492, an ASLR bypass vulnerability exploited in the wild, likely by a spyware vendor.

Malware & Threats

Apple’s cat-and-mouse struggles with zero-day exploits on its flagship iOS platform is showing no signs of slowing down.

Fraud & Identity Theft

A team of researchers has demonstrated a new attack method that affects iPhone owners who use Apple Pay and Visa payment cards. The vulnerabilities...

Mobile & Wireless

Critical security flaws expose Samsung’s Exynos modems to “Internet-to-baseband remote code execution” attacks with no user interaction. Project Zero says an attacker only needs...

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Mobile & Wireless

Asus patched nine WiFi router security defects, including a highly critical 2018 vulnerability that exposes users to code execution attacks.