Education Dept. banks on ‘app store’ to bolster mobile security

Department of Education deputy CIO sees enterprise app store model as way to strengthen agility and security.

The Department of Education is rewriting its lesson plans for mobile computing.

From building a bring your own device program, to envisioning a department “app store,” agency IT officials are harnessing a variety of technology developments to make the department run smoother and more effectively for employees than ever before, Deputy Chief Information Officer Steve Grewal said in an interview with FedScoop.

“The last three or four years, primarily what we did in the mobile space was focus on legacy [BlackBerry] devices,” said Grewal, who has worked for the department for about 4 1/2 years. Now, he said, “we started to explore other options and have rolled out a series of new platforms” like Windows mobile software on handheld devices.

“It offers tighter integration from an end-user perspective,” he said. “Because we are a Windows shop, [but] we have Apple iOS tablets, iPhones and iPads for standard email services and basic collaboration capabilities, which has been an interesting evolution.”


But perhaps the most creative plan in the works for fiscal year 2016 is to build an app store for employees, which Grewal said would strengthen security internally.

“The vision for us is to actually have a Department of Education app store where [employees] will be able to connect to a corporate app store where we can pick and choose the applications that are made available inside the department,” he said.

In terms of cybersecurity, Grewal understands that internal risks can be as important to address as external threats. He has to raise the question: Are employees conducting government business on their mobile devices? And are they complying with records management regulations?

The concept behind whitelisting and blacklisting on mobile devices — in this case, the process of filtering out unwanted apps — would help users by only giving them access to secure ones, Grewal said.

“In an app store scenario, let’s say we only want you to use traditional SMS text messaging for communications — so you wouldn’t be able to download the WhatsApp messenger,” he said, referring to the popular free messenger service as an example.


He envisions offering curated apps would help workers be more mobile “so they’re not tethered to a traditional desktop — they can move around buildings and continue using systems and services they can rely on.”

The department is also testing virtual desktops to encourage teleworking and help consolidate building space. Agency employees are spread out across five buildings in the D.C. metro area. Grewal said the mobile initiative could conserve space by creating digital workspaces.

“If you telework three days a week and decide to come in, everything should follow you,” he said. “So your configuration, your drives, everything should be seamless to the user.”

The virtual workspace could also allow employees to reserve meeting rooms or procure services “on demand,” he added.

Other key initiatives include transitioning from a traditional virtual private network to a Web-based virtual private network, or VPN, so employees are not tied to a piece of software on their machines, and introducing a McAfee mobile device management platform.


For its BYOD program, tech operators load McAfee software on employees’ personal tablets for easy access to their government emails.

And in July, the agency is moving email to the cloud, which will reduce costs and increase storage size, Grewal said.

“The mailbox sizes are tremendously larger in the cloud than we had on premise, and it was also cheaper, so it was cost-driven,” said Grewal, who works with about a $100 million budget for IT services.

Taking a 4,400-employee department into the 21st century doesn’t come without its challenges.

“Culture change is always tough,” Grewal said. “At least with the cloud migration, from a user interface perspective, they are going to continue using Outlook. We’re trying to minimize end-user change while we continue modernizing.”


Grewal acknowledged government does not have a “super tech savvy workforce, so if we went to Google for email like [the General Services Administration], it would be a huge disruption.”

Still, IT officials do routine workshops and training to alleviate any confusion.

“We’re shifting to a more agile capability delivery,” Grewal said.

Read more of FedScoop’s special report, “Focus on Mobility 2015.”

Latest Podcasts