Beyond BlackBerry: Pentagon opens its door to iPhones, Android devices

In another blow to RIM, the Department of Defense weighs ending its exclusive reliance on BlackBerry devices

In another blow to RIM's fortunes, the U.S. Department of Defense may be willing to consider smartphones other than BlackBerries if they can meet the government's tough security rules.

The DOD is inviting vendors to bid on software to secure non-RIM smartphones and tablets, according to a report by Reuters. The Defense Information Systems Agency (DISA) may award a contract in April 2013. The contract would cover 162,500 devices to start and ultimately reach 262,500.

[ Also on InfoWorld: U.S. government agency drops BlackBerry in favor of iPhone. | Get expert advice about planning and implementing your BYOD strategy with InfoWorld's 29-page "Mobile and BYOD Deep Dive" PDF special report. | Keep up on key mobile developments and insights with the Mobilize newsletter. ]

MORE ON RIM: BlackBerry 10 devices with carriers, launch on track for Q1 2013
RELATED: Is RIM ruined?

The request for proposals was posted Oct. 22, the day the U.S. Immigration and Customs Enforcement Agency announced it will end its contract with RIM to adopt iPhones instead, according to Reuters.

The DOD is not scrapping its BlackBerries, but expanding the devices it may allow for use. The Reuters story quoted a DOD spokesperson: "DISA is managing an enterprise email capability that continues to support large numbers of RIM devices while moving forward with the department's planned mobile management capability that will support a variety of mobility devices."

One of the companies bidding on the management software contract will be RIM itself, offering its BlackBerry Mobile Fusion application for managing Android and iOS devices.

The DOD's decision shows how dramatically the smartphone and tablet market has changed in the five years since the iPhone was first released. RIM has relied on its vaunted secure network connections, and device and operating system security to become the standard mobile device in many government agencies and security-conscious enterprises. It can no longer do so.

Apple has been steadily improving iOS security and management capabilities, adding on-device encryption, securing each device's unique AES encryption key, and adding programming interfaces for use by mobile device management (MDM) software vendors.

MIT's Technology Review had an assessment of Apple's iOS security evolution in August 2012. "Technologies the company has adopted protect Apple customers' content so well that in many situations it's impossible for law enforcement to perform forensic examinations of devices seized from criminals," according to the story.

But some of that protection hinges on making sure different parts of the security architecture are in sync, according to a December 2011 assessment by viaForensics, a digital security firm in Oak Park, Ill. "iOS provides and additional layer of encryption for files which implement their Data Protection APIs," notes a blog post at the company's website. "This additional encryption uses the device passcode as a component of the encryption keys and as such forensic examinations which simply bypass the passcode will not recover the data. [But] The additional protection is only applied if the developer enables the Data Protection APIs so most third-party apps, Web cache and other system data are usually recoverable."

Earlier this year, Apple published a white paper on its iOS security architecture. 

John Cox covers wireless networking and mobile computing for Network World. Twitter:

Read more about anti-malware in Network World's Anti-malware section.

This story, "Beyond BlackBerry: Pentagon opens its door to iPhones, Android devices" was originally published by Network World.

Copyright © 2012 IDG Communications, Inc.

How to choose a low-code development platform