Processing Your Payment

Please do not leave this page until complete. This can take a few moments.

March 9, 2009

State reins in Blackberry use | Third-party downloads limited for state workers

President Obama may be the first president to use a Blackberry in the Oval Office, but the mobile device — which has appropriately earned the nickname “Crackberry” — has become a constant companion for thousands of state and federal employees over the last two years. The prolificacy of the Blackberry in government, while convenient and arguably an efficiency booster, has posed some challenges for government IT agencies, which are now required not only to manage the security of desktop computers, but hundreds of little mobile computers strapped to the belts of employees.

The difficulty has not been lost on Maine’s Office of Information Technology, which last month sent out a press release detailing a new policy for state employees who use state-owned Blackberries that prohibits the downloading of any third-party software without prior consent. The new policy was instituted Oct. 14 of last year.

Maine began handing out Blackberries to high-level employees in 2006. But as the technology became more prevalent, the devices were deployed to a wider range of employees. Now, roughly 700 Maine employees carry Blackberries owned by the state, a number that has almost doubled over the past two years, according to Greg McNeal, Maine’s chief technology officer.

Until recently, those employees were able to use their Blackberries as semi-personal devices, downloading whatever third-party applications they wanted. That freedom caused a problem for the state’s IT department, which found it impossible to manage the security and stability of these devices without knowing what had been downloaded, says Sandra Saunders, enterprise applications manager for the OIT’s core technology services. The unwitting download by employees of bugs and viruses also caused the destruction of a handful of state-owned Blackberries, she says.

Maine’s OIT is in the process of gathering a list of third-party software that has been downloaded onto state-owned Blackberries. The OIT has already identified between 15 and 20 third-party applications on the devices, with map programs and spell-checkers accounting for the majority of downloads. McNeal says many of the applications that already have been downloaded have a legitimate business need and will probably be approved for use.

He said a growing number of tech-savvy employees presents a problem between the state’s ability to manage the technology and the desire to gain efficiencies by the users. It’s further complicated by an infrastructure riddled with gaps that prevents the state system from interfacing with technology such as Apple’s iPhone. “The system isn’t mature enough to deal with that,” says McNeal.

Doug Robinson, executive director of the National Association of State Chief Information Officers, says Maine’s new policy is “standard operating practice in today’s environment because of the magnitude of threats out there.”

Each Blackberry is a mini computer and is essentially another access point to a state’s network that an IT department needs to protect — a job made more difficult when employees are freely downloading third-party software that could carry a virus and harm the device or, worse, threaten the security of the network. “Something that looks very legitimate certainly can be something that can cause harm, wipe out a device, or grab all your contacts on the device and emails them off to someone else,” Robinson says.

The vast majority of data breaches are “inside jobs,” Robinson says. “It’s not malicious employees,” he says. “It’s employees who don’t have the training, who don’t understand the magnitude of the threat and that’s what most states are challenged with.”

Whit Richardson, Mainebiz new media editor, can be reached at wrichardson@mainebiz.biz.

 

Sign up for Enews

Comments

Order a PDF