I found myself nodding my head reading Jon Oltsik’s Apple and Google Make the Department of Defense Jump Through Hoops for Mobile Device Security, a story that broke Thursday. Summary: US spies and soldiers, just like everyone else, want to carry iPhones and Androids. The Department of Defense (DoD) wants them to be secure. But DoD is frustrated because they’re having trouble getting Apple and Google to prioritize their needs.
It turns out that I have personal experience with this little logjam. But first, some background.
DISA · That stands for Defense Information Systems Agency, which provides systems and coordination, and sets standards, across many of the organizations in America’s huge military and intelligence community.
For much of my life I was employed by “Enterprise” technology companies, where the revenue comes from a relatively small number of large contracts with big companies and organizations. Some of the very largest contracts tend to come from governments, and in particular from military services and intelligence agencies.
So senior management at this kind of company gets dollar signs in their eyes when defense business comes over the horizon. Anyone with significant responsibility at DISA is treated as an emissary from heaven.
It’s actually a little bit nauseating; the DoD community is such a huge customer that an accretion of companies have built up around it whose specialty, whose core competence, is selling to DoD. If you have to be in that business you pretty soon learn that things work better if you go into partnership with one of these guys. I’ve been in those kind of deals and found the whole ecosystem off-putting; corrupt, and corrupting. Not in the sense of bribes-to-pay, but in the sense that focusing on DoD’s needs tends to damage your ability to address anyone else’s.
But I Digress · Back at OSCON I met this real interesting guy from DISA who specializes in all things Open Source. Not surprisingly, he and I had a lot of common interests; in particular we had fun kicking around what kind of things you’d do to customize Android for DoD customers. I thought, and think, that for those guys the open-source nature of Android is a big win; first, they can see what’s inside, and second, if a hardware maker wants to cook up a custom version with security voodoo extending right down into the kernel, nobody’s going to be in their way.
It turns out, though, that just like it says in Oltsik’s piece, I’ve not been able to offer much practical help to my DISA contact, nor to any of several other DoD types who’ve been in touch. I haven’t been able to arrange behind-the-scenes briefings for generals or rewrite Android Market legals. The team had Gingerbread to bake and hardware to bring up and events to stage, and are just really busy. I bet that the relationship with Apple is about the same.
I was briefly shocked, with my experience of DISA-worship in the Enterprise-IT sector. But think about it: the total DoD head-count is estimated at around 2.5 million. If you pick demographics that you might want to pitch mobile devices to, here are a few that are similar or larger in size:
Korean teenagers
Euro-zone business travelers
Canadian retirees
World of Warcraft players
Indian cricket fans
This whole consumer-device business is oddly pure.
What Might Work · Here’s a recommendation for the people I know in the larger DoD community: Take the ball and run with it yourselves. Pull together a working group or equivalent and figure out what it is you need in a mobile device. Your best bet is to figure out how to layer what you need on a stock builds from Tier-1 builders, but if you have to have something custom-built, so be it.
I’d be totally unsurprised to see some incoming AOSP contributions from these folks before too long.
Comment feed for ongoing:
From: Melinda Shore (Dec 12 2010, at 23:56)
My experience on the vendor side has been that in general the DOD will impose some pretty idiosyncratic requirements and then spend - maybe - a few hundred thousand dollars. That's possibly a big deal if you're a small business and a complete waste of time if you're one of the very, very big vendors. I'd be less concerned with the size of their user base than I would be with how much they're willing to spend.
[link]
From: SteveL (Dec 13 2010, at 03:23)
The head count of the UK National Health Service is over 1M, so they're a good destination for mobile devices too. Think how different healthcare would be if everyone within the NHS could actually communicate via email rather than by sending faxes across the country.
[link]
From: Douglas Creager (Dec 13 2010, at 05:26)
You might want to check out the Mil-OSS working group http://www.mil-oss.org/ , if you haven't seen it yet. It's a group of like-minded contractors and gov't employees working to promote the use of OSS from within the DoD.
[link]
From: john (Dec 13 2010, at 06:47)
there is such a group, see:
http://www.mil-oss.org/
and
http://groups.google.com/group/mil-oss
[link]
From: Michael Wales (Dec 13 2010, at 13:03)
DARPA has also started seeking Android/Apple apps that may be of use to the military (see: http://www.theregister.co.uk/2010/03/01/darpa_military_apps/).
They've even skirted around the contract requirements. It's as simple as build it, prove it's worthwhile to the military and accept your check. Not to say that that is an easy process, but much simpler than convincing one of these organizations to seek a request for contract and commit a large amount of resources - it's still very early for that part of the game (although selling out to one of the larger contractors wouldn't be a bad deal either).
[link]