• Great articles on other sites
  • RSS Great articles on other sites

  • Blog, Enterprise IT - Written by on Wednesday, December 4, 2013 16:26 - 21 Comments

    Defence finally allows staff iPhones, iPads

    ipad-mini

    blog The iPhone first launched in Australia in mid-2008; the iPad in mid-2010. The Australian Signals Directorate (you know, the agency which has been spying on the Indonesian President and discussing handing over data on Australians to foreign intelligence agencies) approved iPhones and iPads for classified Government communications 18 months ago in April 2012. But it’s taken until now — five years after the iPhone first hit Australia and three and a half years after the iPad launched — for the Department of Defence to finally agree to allow its staff to use the devices, instead of the BlackBerry handsets they’ve been used to for a decade now. ZDNet tells us (we recommend you click here for the full article, it goes into a lot more than just this area, representing a comprehensive interview with Defence CIO Peter Lawrence):

    “As with most government agencies, Defence has had a traditional reliance on BlackBerry for mobile hardware, but like many government agencies, Defence was now looking to move away from being an exclusively BlackBerry shop in early 2014.”

    I wrote a little bit about this problem in my article last week about the need for a good technology policy think tank in Australia. iOS is generally considered a very secure and modern mobile platform — certainly more secure than Android and a heap more modern and functional than BlackBerry’s various offerings. Yet it has taken five years for the Department of Defence to allow its staff to procure iOS devices. As I wrote in that article:

    “… the Government has suffered a constant failure of policy vision. It has missed the boat on adopting almost every modern technology, from collecting and processing Australians’ data online to cloud computing to mobile and social platforms. State Governments have been even worse, underinvesting in their basic technology infrastructure to the tune of billions of dollars and suffering billions of dollars of IT project failures.

    Most government departments and agencies are horribly inefficient when it comes to their technology operations, and IT project disasters are now the normal state of affairs in our state governments.”

    Sure, Defence has valid security concerns about new technology platforms. Sure, the secrecy of classified Government information is very important. But does anyone really believe that BlackBerry’s operating systems have been inherently more secure than iOS over the past half-decade? And just how much productivity has been lost in major Government department such as Defence over that period as bureaucrats and military personnel struggle with BlackBerry’s outdated technology? When you consider the scale of a department like Defence (it has more than 65,000 staff), the scale of any technology inefficiency becomes magnified massively.

    In your writer’s view, Defence’s sluggishness in adopting valuable new technologies is a perfect example of failed Government IT policy. Let’s hope the department does not take five years to assess fundamental technology leaps such as the iPhone or iPad next time they come around. Experience has shown even minor technology improvements (such as allowing web browsers with tabbing functionality or deploying secondary monitors) can have a huge impact on productivity. The benefits of opening up a major department like Defence to competing mobile suppliers should obvious to all.

    Image credit: Apple

    submit to reddit

    21 Comments

    You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

    1. Hmm
      Posted 04/12/2013 at 7:36 pm | Permalink |

      “But does anyone really believe that BlackBerry’s operating systems have been inherently more secure than iOS over the past half-decade?”

      This is effectively what this entire article is about.. based upon a question you ‘assume’ an answer too. Yet write the remainder of the article as if the adoption of i* products should be a given.

      Stick to reporting on matters you either understand about, or can quote sources for.`

      • Posted 04/12/2013 at 7:37 pm | Permalink |

        Happy to debate the issue if you can provide some evidence …

        • Shannon Pace
          Posted 05/12/2013 at 9:25 am | Permalink |

          not being snarky, but i would have thought the onus of evidence would be upon the writer of the article…

          do you know for certain that iphones or ipads ARE as secure as blackberries? if not, you really shouldn’t be speculating.

          also, what would staff be able to do on their iphones that they wouldn’t be able to do on their blackberries? i would like to know exactly what ‘inefficiencies’ are present by using one over the other…

          • Posted 05/12/2013 at 10:45 am | Permalink |

            I’ve been tracking both for a long time now, and haven’t seen any significant difference in the number of exploits released for each. Each has a pretty inherently secure system.

            There’s plenty of articles online about this — an example here:

            http://www.techrepublic.com/blog/cio-insights/iphone-now-as-secure-as-blackberry-say-tech-chiefs/

            “IT leaders and industry experts believe that Apple now roughly matches RIM on mobile security, removing BlackBerry’s last remaining advantage over the iPhone in enterprise.”

            • Shannon Pace
              Posted 05/12/2013 at 12:06 pm | Permalink |

              thanks for the link… i guess until there is a concrete way to compare security measures, then we can only go with this type of information…

              what would defence staff be able to do on i-equipment that they wouldn’t be able to do on a blackberry? do they have specific apps that they would be able to run on iphones? i don’t really get what the possible productivity increases would be….

              • Posted 05/12/2013 at 12:35 pm | Permalink |

                Up until BlackBerry 10, the productivity increases on an iPhone were quite obvious. Decent web browsing, for one … plus the fact that there are a stack of apps, including many corporate apps, which are just not available on BlackBerry.

                • Shannon Pace
                  Posted 05/12/2013 at 2:02 pm | Permalink |

                  but are defence using the web browsing much and what corporate IOS apps are they going to use now?

                  it’s one thing to say that IOS has more apps (which they obviously do), but which apps are defence going to actually use?

                  and where is the evidence that defence will use these IOS apps, as well as the evidence to prove that IOS is as secure as BB? just because CIO’s say it is, doesn’t make it so…

        • Sylvan
          Posted 05/12/2013 at 10:36 am | Permalink |

          BB does have a lot of inherent security over iOS and Android. Both iOS and Android are monolithic kernels. BB is not.

          BB10 is a microkernel, meaning it has hardware protection preventing the vast majority of conventional software attacks. BB7 is pretty vague, since they don’t really publish what BB7 is under the hood, but from the description, it runs a virtual machine like the JVM, which would impose a sandbox on applications, adding to security.

          For example, iOS is several millions of lines of code running in kernel-mode address space (including device drivers). All it takes is a single bug for the whole system to be compromised.

          BB10 on the other hand, runs only a few thousand, and device drivers should be running in their own address space, meaning an exploit on one kind of driver can’t compromise the whole system.

          So, yes, people do believe BB is inherently more secure than iOS.

          • Posted 05/12/2013 at 10:40 am | Permalink |

            Technically you are indeed largely correct (although the security difference with microkernels is still debated, and has been for several decades), but we really haven’t seen any significant difference in the number of exploits for BlackBerry operating systems and iOS over the time iOS has been in the market. To my mind this is the real test — reality versus theory.

            • Sylvan
              Posted 05/12/2013 at 1:34 pm | Permalink |

              That’s got nothing to do with the inherit security of the platform.

              The major reason iOS has little active exploits is due to the locked-down nature of the phones. No flash, no web GL, no way to replace the default browser. That stops attack vectors being exploited, rather than try to resist exploits themselves. This is able to replicated on any platform using decent MDM, and has nothing to do with the OS itself. (I assume defence is using some kind of MDM).

              I might be pedantic, but judging the strength of a platform by number of exploits, is like judging the safety of a car by the number of times it crashes. A car with more airbags is more inherently safe than a car with less air bags. This doesn’t mean a car with more airbags is going to be involved in fewer crashes.

              Likewise, BB is more inherently secure as it has more robust sandboxes and other features. Even if practical exploits isn’t necessarily reduced. What your saying is the practical security of the systems, not the inherit security. Maybe I’m pedantic, but there is a difference.

              As an side, I don’t know anyone who would debate that monolithic kernels are more secure than microkernels.

              • Posted 05/12/2013 at 1:41 pm | Permalink |

                So what?

                Inherent security versus practical security … I have no doubt upon which basis chief information officers make these decisions.

                • Sylvan
                  Posted 05/12/2013 at 1:54 pm | Permalink |

                  Because running BB with a reasonable MDM will provide more practical security than iOS under the same conditions, thanks to the inherent security of the OS. So for people like defence, this makes a difference.

                  • Posted 05/12/2013 at 1:57 pm | Permalink |

                    Again, there’s little evidence for what you’re saying — and there is quite a bit of evidence that chief information officers in general consider iOS as secure as BlackBerry.

                    I understand what you’re saying regarding the theory and I don’t disagree. But that theory has not bourne out in practice with evidence that iOS is less secure. And if you know anything about Delimiter, you’ll know I focus on evidence.

                    • Shannon Pace
                      Posted 05/12/2013 at 2:05 pm | Permalink |

                      CIO’s thinking that IOS is as secure as BB is not evidence, it’s their opinion.

                      where is the evidence that IOS is as secure as BB?

                    • Hmm
                      Posted 05/12/2013 at 2:29 pm | Permalink |

                      “And if you know anything about Delimiter, you’ll know I focus on evidence.”

                      And yet the premise for this entire article is written without ANY, at all. Just ‘hearsay,’ ‘thoughts’ ‘assumptions’ and your personal non-expert opinion.

    2. Posted 05/12/2013 at 2:24 pm | Permalink |

      hey guys,

      look, I can see this conversation is going to go on forever re iOS and BlackBerry. You’re never going to agree with me about it.

      My argument is that iOS’s functionality and productivity increases has long trumped any theoretical security weaknesses it has had — for both consumers and in the enterprise. I haven’t seen *any* Australian examples where iOS devices have been hacked and sensitive data stolen.

      Your argument is that BlackBerry’s platform has inherently better security than iOS due to its architecture and that this mediates against its adoption for certain organisations (eg Defence).

      Perhaps you’re right. Probably you’re right.

      But ultimately it doesn’t matter … BlackBerry will not be here in a few years, and organisations right around Australia are dumping it wholesale for iOS and Windows Phone right now. Defence cannot ignore that trend. No organisation can afford to. The market has clearly spoken. BlackBerry is all but dead.

      Renai

      • Hmm
        Posted 05/12/2013 at 2:36 pm | Permalink |

        You wouldn’t get so much negative response, if you didn’t pass off your personal thoughts as fact, then tell me I have to prove your assumptions are wrong – yet it is you making the assertions, and then link a tech republic article as ‘evidence’.

        What is worse is you then go on to response that delimiter content is based on evidence, yet have failed to provide a modicum of it for this article, it makes the entire debate/article farcical.

        The ONLY reason defence in Aus. and elsewhere (with similar requirements) are moving off Blackberry is because of a pretty simple risk based approach. Accept lower security with a product that will exist and be supported, or accept higher security with a product that will likely cease to exist. That risk profile is moving, more and more to the the former.

        They are not moving because the iPhone is as secure as a BB, they are moving because the likelihood of BB failure is now sufficiently high that the drop in ‘security’ offsets the risk of product abandonment.

        • Shannon Pace
          Posted 05/12/2013 at 2:51 pm | Permalink |

          absolutely agree with all of the above. if BB was more secure in its position, then i doubt that defence would bother to move.

          • Posted 05/12/2013 at 3:08 pm | Permalink |

            Mate,

            a little dose of reality here.

            Very few government departments or large organisations of any size pick one single smartphone vendor. Usually they offer at least two and sometimes three. Things might be more restricted if you’re dealing with classified communications a lot as part of your job, but a lot of Defence staff don’t.

            The fact that Defence only offers one option is quite the anomaly.

            Renai

        • Posted 05/12/2013 at 3:03 pm | Permalink |

          hey mate,

          look, I don’t disagree with what you’re saying, and I acknowledge that my initial response was a little glib. Your response was a little offensive, but I can forgive that.

          But clearly there is a wider point here. The wider market clearly believes that iOS is ‘secure enough’ to nullify that issue in terms of competition with BlackBerry. With this issue largely nullifed, iOS’s clear featureset improvements have gotten it across the line in most other large organisations.

          Yes, you’re right, security risk is a more pressing issue in high-security organisations like Defence. And this is why they’ve stuck with BlackBerry until now.

          But this doesn’t negate the overall point that iOS has been able to largely negate the security to the point that BlackBerry is now going out of business. In the meantime, by focusing on the security issue more so than other organisations, Defence has missed out on the advantages iOS does offer.

          I’d like to see that point acknowledged a bit more widely. Not everything is about security.

          ‘Security’ is also a misleading, catch-all phrase here. As we’ve seen with the cloud computing debate, we should be talking about such issues in a much more granular fashion than this. The cloud computing discussion has moved on from the debate about whether “cloud” is good or not, to what particular varieties of cloud (IaaS, SaaS, storage as a service, etc) should be applied, and where, and how, and when offshore, and when offshore, and when from an in-house datacentre, and when an external facility, and so on. What data should be stored where, what processing loads should be conducted where, is also a discussion.

          I’d like to see this same granular discussion applied here.

          My suspicion is that Defence could have taken a more granular approach to this. Not everyone in Defence accesses sensitive data at all. Many do not. Those staff could have been trialling iPhones/iPads long ago. Instead of iPhones, Defence could have worked with commercially available ‘hardened’ Android custom installs or iOS installs. And so on.

          There are so many options here that it’s not funny. And yet, what appears to have happened is that Defence stuck with one vendor, the one they had been with for a decade, until the absolute last moment, when it appeared that vendor was about to go out of business. In the process, they lost the chance to pursue the productivity improvements which have had major organisations all around Australia migrating to iOS. No matter which way you look at it, they’re behind the curve.

          These days cabinet documents are kept on iOS devices. Board documents for major corporations are. Ministers use iOS devices. And so on. Banks. Law firms. Etc. So many organisations with high security requirements are on board with this. As I mentioned, the ASD (which has historically sat WITHIN DEFENCE) cleared iOS for classified material 18 months ago.

          What the hell has taken Defence so long?

          You can see why I’m a little frustrated. We can sit here and debate all day about whether BlackBerry is theoretically more secure than iOS. But that’s completely ignoring the rest of the context here.

          ASD answered the question of whether Defence could use iOS 18 months ago when it cleared its use for classified communications. This means that, irrespective of whether iOS is less secure than BlackBerry’s offerings, it is STILL SECURE ENOUGH for use for classified communications.

          Defence knew ASD was working on that. In July 2011 ASD released a ‘hardening’ guide for iOS:

          http://delimiter.com.au/2011/07/05/cracks-open-in-dsds-ios-shield/

          And yet it still took 18 months for Defence to support iOS. 18 months, most of which during BlackBerry 10 was not available and Defence staff were sitting on a legacy infrastructure which they didn’t need to be. Hell, even from now it’ll no doubt take another few years or so until much of the BlackBerry fleet at Defence is migrated.

          None of you are wrong about BlackBerry probably being theoretically a more secure platform than iOS. But what you all seem to have missed is that this doesn’t mean iOS is not secure enough, as defined by the Australian Government itself. And yet Defence has still only now been able to get the procurement case across the line.

          There is a bigger picture here than microkernels, and there is a bigger picture here than the technical security superiority. There is a “real life” picture here, and that is the picture which CIOs deal with constantly. It’s what I report on constantly. I’m not as ignorant as you all seem to think I am.

    3. Posted 05/12/2013 at 4:16 pm | Permalink |

      As I said, the new comments coming in are not engaging with the wider issues I’ve raised. I’m sorry, but I tired of being attacked on the same grounds by people not debating the wider points. Comments closed.




    Get our 'Best of the Week' newsletter on Fridays

    Just the most important stories, one email a week.

    Email address:


  • Enterprise IT stories

    • Super funds close to dumping $250m IT revamp facepalm2

      If you have even a skin deep awareness of the structure of Australia’s superannuation industry, you’ll be aware that much of the underlying infrastructure used by many of the nation’s major funds is provided by a centralised group, Superpartners. One of the group’s main projects in recent years has been to dramatically update and modernise its IT platform — its version of a core banking platform overhaul. Unfortunately, the $250 million project has not precisely been going well.

    • Qld’s Grant joins analyst firm IBRS peter-grant

      This week it emerged that Peter Grant, the two-time former Queensland Whole of Government CIO (pictured), has joined well-regarded analyst firm Intelligent Business Research Services (IBRS). We’ve long had a high regard for IBRS, and so it’s fantastic to see such an experienced executive join its ranks.

    • Westpac dumps desk phones for Samsung Android mobiles samsung-galaxy-ace-3

      The era of troublesome desk phones tied to physical locations is gradually coming to an end in many workplaces, with mobile phones becoming increasingly popular as organisations’ main method of voice telecommunications. But some groups are more advanced than others when it comes to adoption of the trend. One of those is Westpac.

    • Ministers’ cloud approval lasted just a year reverse

      Remember how twelve months ago, the Federal Government released a new cloud computing security and privacy directive which required departments and agencies to explicitly acquire the approval of the Attorney-General and the relevant portfolio minister before government data containing private information could be stored in offshore facilities? Remember how the policy was strongly criticised by Microsoft, Government CIOs and Delimiter? Well, it looks like the policy is about to be reversed.

    • WA Govt can’t fund school IT upgrades oops key

      In news from The Department of Disturbing Facts, iTNews revealed late last week that Western Australia’s Department of Education has run out of money halfway through the deployment of new fundamental IT infrastructure to the state’s schools.

    • Turnbull outlines Govt ICT vision turnbull-5

      Communications Minister Malcolm Turnbull has published an extensive article arguing that the Federal Government needed to do a better job of connecting with Australians via digital channels and that public sector IT projects needn’t cost the huge amounts that some have in the past.

    • NZ Govt pushes hard into cloud zealand

      New Zealand’s national Government announced a whole of government contract this morning for what it terms ‘Office Productivity as a Service’ services. This includes email and calendaring services, as well as file-sharing, mobility, instant messaging and collaboration services. The contract complements two existing contracts — Desktop as a Service and Enterprise Content Management as a Service.

    • CommBank reveals Harte’s replacement whiteing

      The Commonwealth Bank of Australia has promoted an internal executive who joined the bank in September after a lengthy career at petroleum giant VP and IT services group Accenture to replace its outgoing chief information officer Michael Harte, who announced in early May that he would leave the bank.

    • Jeff Smith quits Suncorp for IBM jeffsmith4

      Second-tier Australian bank and financial services group Suncorp today announced that its long-serving top technology executive Jeff Smith would leave to take up a senior role with IBM in the United States, in an announcement which marks the end of an era for the nation’s banking IT sector.

    • Small business missing the mobile, social, cloud revolution iphone-stock

      Most companies that live and breathe the online revolution are not tech startups, but smart smaller firms that use online tools to run their core business better: to cut costs, reach customers and suppliers, innovate and get more control. Many others, however, are falling behind, according to a new Grattan Institute discussion paper.

  • Blog, Enterprise IT - Jul 5, 2014 13:53 - 0 Comments

    Super funds close to dumping $250m IT revamp

    More In Enterprise IT


    Blog, Telecommunications - Jul 5, 2014 12:12 - 0 Comments

    What should the ACCC’s role be in guiding infrastructure spending?

    More In Telecommunications


    Analysis, Industry, Internet - Jun 23, 2014 10:33 - 0 Comments

    ‘Google Schmoogle’ – how Yellow Pages got it so wrong

    More In Industry


    Blog, Digital Rights - Jun 30, 2014 22:24 - 0 Comments

    Will Netflix launch in Australia, or not?

    More In Digital Rights