BYOD

[ATISJr]

First off, before I get grilled on a "use the search" I have and it came up with nothing, so I apoligize in advanced if this topic has been discussed in the near past.

I'm just wondering if anyone in here knows if we'll eventually be adopting BES12 with BYOD. It is a known fact that there aren't enough DWAN stations for everyone to have constant email access, even when some need it.

I personally would love to be able to access email on my BlackBerry Passport. I would have no problem, letting my device have CF provisioning installed, specially since with BB10 (and even with iOS, Android and WP app counterparts), BlackBerry has the secure workspace enviroment. So my personal use of my device would have no affect on the secure workspace.

Again, this is something I'd like to see, but considering we just finalized the Windows 7 Enterprise update, I don't know if this is something that is planned in the near or distant future.

 

[c_canuk]

my reaction below, though more moronic things have been done in the past, so who knows.

edit: more content rather than just a flip image post.


I don't have control of this, however here are my thoughts on why this will not happen.

1. Devices don't cost us money, we get them for free with our contract with the provider. Live numbers cost us money. and We're  under pressure to lower our usage of these devices.

2. You say that now, but once DND BES has lobotimized your BB and it becomes an email client with text and voice, with nothing else enabled, you'll chaffe pretty hard.

3. You must be new in a place where DWAN is not a priority for you at this point. When you need Email access you'll have plenty of access to terminals.

4. We don't want to increase our exposure to attack, that a massive proliferation of BBs on the network will allow. Nor are we interested in the huge capital cost to expand BES.

5. While BBs are much more secure than IPhone and Droid, they are more vulnerable than a desktop on premises and hard to keep control of.

6. If you are important enough that answering your email is all that is needed to enable the CA to progress, you will have a BB issued to your position.

 

[ATISJr]

why would BYOD be considered a bad thing when it can be controlled and maintained?

It would allow access to email when needed. To many times have I, or I have heard about someone being told to do something email/computer wise, but can't since there is never a computer open.

Most of the time, it's someone having to stop their work to allow someone else to do something.

BYOD would be the solution to that. Still use the fleet of phones as per how they're being used now, but set rules and regulations for a BYOD system within the forces. It's not such a far fetched idea, more just a issue of how to get the ball rolling/maintaining the system.

 

[PuckChaser]

So you get DWAN email access on your personal phone. Do you sign a waiver so that DND isn't expected to cover your data costs? How do you get your phone into work, when a lot of areas are going to EMSEC zoning? 450 Sqn is completely an EMSEC zone, with no personal wireless devices allowed. Lots of other buildings are this way too.

If you're having issues getting things done on DWAN that are work related, you need to speak with your supervisor and get it sorted out. Someone might just be sitting there checking TSN when you have work to do.

 

[ATISJr]

So you get DWAN email access on your personal phone. Do you sign a waiver so that DND isn't expected to cover your data costs? How do you get your phone into work, when a lot of areas are going to EMSEC zoning? 450 Sqn is completely an EMSEC zone, with no personal wireless devices allowed. Lots of other buildings are this way too.

If you're having issues getting things done on DWAN that are work related, you need to speak with your supervisor and get it sorted out. Someone might just be sitting there checking TSN when you have work to do.

This is true, and I have forgotten about everything changing to EMSEC zoning. Personally, as of late, I've been able to get access to a DWAN computer when I need one.

I guess overall, BYOD would come down to personal convience and something that I thought could've benefitted personnel, but didn't take everything else into consideration.

 

[Sig_Des]

I think I'd have a better chance of having Scarlett Johansson as a personal concubine  and having Bill Gates assigning me as the sole benefactor in his will, than SSC and DG(IM) approving any sort of BYOD.

Between the control of devices and services, it'd be a nightmare.

 

[211RadOp]

Not to mention, do you really want your CoC able to reach out and touch you at all hours of the day?  Trust me, you don't want that.

 

[RedMan]

So you get DWAN email access on your personal phone. Do you sign a waiver so that DND isn't expected to cover your data costs? How do you get your phone into work, when a lot of areas are going to EMSEC zoning? 450 Sqn is completely an EMSEC zone, with no personal wireless devices allowed. Lots of other buildings are this way too.

If you're having issues getting things done on DWAN that are work related, you need to speak with your supervisor and get it sorted out. Someone might just be sitting there checking TSN when you have work to do.

I assisted with the TCI of 450 Sqn, and that's a big place...  not being able to have cell phones would "devastate" the younger crowd starting to come in who can't imagine not being able to kill time without a good game of Crossy Road. 

 

[PuckChaser]

I assisted with the TCI of 450 Sqn, and that's a big place...  not being able to have cell phones would "devastate" the younger crowd starting to come in who can't imagine not being able to kill time without a good game of Crossy Road. 

I don't think you'd get much cell reception in there anyways, the giant steel and concrete hallways would prevent it.

 

[RADOPSIGOPACCISOP]

There's alot of policy issues regarding letting personal devices connect, process and store corporate information.

It's the same issues that prevent your home computer from being allowed to connect to the outlook webapp on DWAN. It's technically a easy thing to do, but there's alot of security concerns in doing so. There's no good way to ensure that people's computers are secure enough to process and store information and protect it from compromise.

Same goes for phones, while Blackberry and to a lesser extent iPhone are reasonably secure, there's no control over applications on Android devices, and there are many apps that are known to be malicious.

Even if everything was restricted to Blackberry and managed through BES, you are effectively giving DND complete control over the device, it becomes just as dull and boring as DND Blackberries.

Besides, just leave work at work. If something is that critical someone will call you at home.

 

[JBP]

There's alot of policy issues regarding letting personal devices connect, process and store corporate information.

It's the same issues that prevent your home computer from being allowed to connect to the outlook webapp on DWAN. It's technically a easy thing to do, but there's alot of security concerns in doing so. There's no good way to ensure that people's computers are secure enough to process and store information and protect it from compromise.

Same goes for phones, while Blackberry and to a lesser extent iPhone are reasonably secure, there's no control over applications on Android devices, and there are many apps that are known to be malicious.

Even if everything was restricted to Blackberry and managed through BES, you are effectively giving DND complete control over the device, it becomes just as dull and boring as DND Blackberries.

Besides, just leave work at work. If something is that critical someone will call you at home.

Hehe, imagine someone accidentally emailing classified information out along to their DWAN account or others... Because THAT'S NEVER HAPPENED BEFORE.... I can barely keep normal users from wreaking havoc on a normal DWAN workstation let alone a BYOD. Then the CIS Tp would become the "Hey my AndroidIphonePhablet doesn't work can you people make it work? ... What do you mean you don't have training on this! YOU ALLOWED IT ONTO THENETWORK?!?! THIS IS UNACCEPTABLE! I need to play my games AND check my email at the same time because I'm super important Sgt Bloggins!"....

FML.... If we do the BYOD thing I'm OTing... Most of the military has just caught on to the fact that there's this "IP address thing" that's kind of like a "Phone number for a computer! All unique and stuff!"... HA@! SEE! I can be a tech like you guys eh? I get this stuff, no big deal eh? HA!...

:facepalm:

 

[rmc_wannabe]

Hehe, imagine someone accidentally emailing classified information out along to their DWAN account or others... Because THAT'S NEVER HAPPENED BEFORE.... I can barely keep normal users from wreaking havoc on a normal DWAN workstation let alone a BYOD. Then the CIS Tp would become the "Hey my AndroidIphonePhablet doesn't work can you people make it work? ... What do you mean you don't have training on this! YOU ALLOWED IT ONTO THENETWORK?!?! THIS IS UNACCEPTABLE! I need to play my games AND check my email at the same time because I'm super important Sgt Bloggins!"....

FML.... If we do the BYOD thing I'm OTing... Most of the military has just caught on to the fact that there's this "IP address thing" that's kind of like a "Phone number for a computer! All unique and stuff!"... HA@! SEE! I can be a tech like you guys eh? I get this stuff, no big deal eh? HA!...

:facepalm:

We need to get you of of the desert and back into the SR2 before the bodies start piling up ;D.

More on topic, we technically have everything we need to have BYOD capability already. Windows Server 2008 R2 allows for Remote Access server roles to be create and managed, even restricting or barring access based on Antivirus or OS.

Our IM and IT security policies are more of a hurdle than anything else. As much as technology has advanced and allowed for more interoperability between personal and business use devices, ADM (IM) is still about 20-30 years behind in understanding the risks and limitations that truly exist.

My assessment is that it will take a couple decades before DND catches up to industry in this regard.  A lot of new faces with more exposure to technology in the workplace need to make it to the policy drafting table before we will all be checking EMAA from the comfort of our own homes.

 

[SupersonicMax]

Hehe, imagine someone accidentally emailing classified information out along to their DWAN account or others... Because THAT'S NEVER HAPPENED BEFORE....
:facepalm:

The root cause I the problem would not be the BYOD but rather the knucklehead who sends classified info on DWAN (and I bet the impact would be the same, BYOD or not).

Yup, DND is behind.  BYOD is feasible (technically, in a manner that could meet our security requirements).  But, as highlighted, our overly restrictive policies and directives don't allow it. 

Should it be pushed?  I am not sure.  People that need mobile devices normally get one but with Shared Services controlling everything now, it has become more difficult to have access to a device even if you have a legitimate need.  Perhaps having a BYOD option is a solution to that problem...

 

[Kirkhill]

Saab Tacticall

http://www.twowaytalk.ca/transform-push-to-talk.html

(Jeez: I have to see about getting a commission from the Scandinavian Chamber of Commerce - I luv their kit).

PS - Why can't our Military-Industrial Complex look like theirs? Forget the Yanks - that system is bloated and unresponsive.  The Swedes and the Danes seem to be able to get their troops usable kit, in useful numbers, when they need it.  Why is that?  And why can't we do it?

 

[rmc_wannabe]

[quote ]

PS - Why can't our Military-Industrial Complex look like theirs? Forget the Yanks - that system is bloated and unresponsive.  The Swedes and the Danes seem to be able to get their troops usable kit, in useful numbers, when they need it.  Why is that?  And why can't we do it?
[/quote]

I think the Swedes realise the neighbourhood they live in doesn't give them a whole lot of time for lengthy R&D processes.

Getting it right the first time has both a cost saving aspect and a security blanket aspect.

Now if only we took the same approach with our procurement. ???

 

[George Wallace]

I think the Swedes realise the neighbourhood they live in doesn't give them a whole lot of time for lengthy R&D processes.

Getting it right the first time has both a cost saving aspect and a security blanket aspect.

Now if only we took the same approach with our procurement. ???

You can't buy votes by doing that, so we don't do it.

 

[c_canuk]

I would like to point out that BYOD is just the lastest exploitive tactic in big business' race to the bottom.

In no way should we be switching to a model that would have our troops be put in a position of buying their own ~$1K device out of their own pocket just so that it can be taken over by SSC, functionality removed, and used to intrude in their down time. Especially since we get our current devices for free with our mass contracts.

What next, Bring your own AR-15, to be converted to select fire and kept locked up in the armouries with no modifications outside of DND authorized allowed?

We should be encouraging the disuse of smart phones period. It's my opinion that they damage the ability of 2ICs to step up and gain experiance since the IC is always contactable. The 2IC never gets a chance to make descisions until they become an IC. Meanwhile ICs are getting burned out because they feel obligated to keep up with their SA because a device was provided. They know if they let something go tits up while they are out, the question will be raised, "Yes we know you were on your honey moon, but why didn't you use the BB that the crown so generously provided?!?!"

 

[PanaEng]

Here is evidence on the dangers of having your own devices in operations; it's related to android devices but there are similar exploits for other OSs (feel free to move to wherever it is more appropriate): http://www.cbc.ca/news/world/report-russia-hack-ukraine-1.3908398

 

[Naomi Scott]

The root cause I the problem would not be the BYOD but rather the knucklehead who sends classified info on DWAN (and I bet the impact would be the same, BYOD or not).

Yup, DND is behind.  BYOD is feasible (technically, in a manner that could meet our security requirements).  But, as highlighted, our overly restrictive policies and directives don't allow it. 

Should it be pushed?  I am not sure.  People that need mobile devices normally get one but with Shared Services controlling everything now, it has become more difficult to have access to a device even if you have a legitimate need.  Perhaps having a BYOD option is a solution to that problem...

Canadian army is not ready to defend Canada against any kind of classified information. The playing game with a huawei is a right example. They can only ask someone else's. I have serious doubt about their capabilities. Seriously, I have you watched terrorists from 9/11. They are not so strong dudes despite a knife if you can't combat, you would not survive to my highschool. 

 

[Cloud Cover]

If Canada gets attacked by classified information, we’ll just file an ATIP and litigate the enemy to death. Sorry ‘bout your high school, that’s ruff.