Tech

MobileIron earns security certificates, FedRAMP on the way

Enterprise mobility management company MobileIron is expected to earn two government security accreditations in the coming days, with a third coming by the end of the year.

By Greg Otto

March 21, 2016

Enterprise mobility management company MobileIron is expected to earn two government security accreditations in coming days, with a third, for the coveted FedRAMP cloud service stamp of approval, coming by the end of the year.

The Mountain View, California-based company’s MobileIron Core product has been credited with a mobile device management protection profile, or MDM-PP, by the National Information Assurance Partnership, a joint venture between the National Security Agency and the National Institute of Standards and Technology that sets and measures security standards for commercially available IT products used by the government.

Core also earned accreditation under the NSA’s Commercial Solutions for Classified program, known as CSfC, which has a similar evaluation scheme but clears companies to guard classified national security data

Dean Scontras, director of federal sales for MobileIron, told FedScoop the company’s enterprise mobility management product will allow agencies a transformative way to monitor its current mobile assets while allowing their enterprises to embrace both government-furnished equipment and bring-your-own-device options.

“Three years ago, [mobile device management] was wipe and lock the device,” Scontras said. “Now we are not only managing the device, but the application and the data. We’re not just talking about devices, we’re talking about a mobile enterprise, a mobile application backbone, and providing the infrastructure.”

Additionally, the company’s Government Cloud product is going through the FedRAMP — short for Federal Risk and Authorization Management Program — process, going through the U.S. Postal Service for its agency authorization. Despite learning about what agency they would earn authorization though last December, Scontras said the process has been “moving slower” than the company had hoped for. He said he expects a full ATO by December.

“There has been a lot of concern and consternation around [the FedRAMP process], but it’s our job to figure out how to abide by it and what we need to do to achieve certification,” Scontras told FedScoop.

Currently, MobileIron’s Government Cloud is listed on the Apps.gov product page as part of the NASA SEWP contract and its FedRAMP ATO is listed as “in process.”

[Read more: Innovation fellows revive Apps.gov]

In the coming months, Scontras told FedScoop that MobileIron will be focused on integrating identity management. He said the company has some proof-of-concept models around derived credentials, which were born out of the “questions and curiosity” they were hearing from agencies.

“That seems to be the nirvana of mobile computing,” Scontras said. “It’s not so much the legacy MDM features as the identity management aspect. I feel like if we can resolve that for DOD or civilian agencies, that will be a significant differentiator between us and our competition.”

Update, 3/22/16: A previous version of this story stated that there was conflicting information on MobileIron’s FedRAMP ATO listings on Apps.gov and the FedRAMP website. A representative for Apps.gov reached out to inform us that the yellow checkmark on MobileIron’s apps.gov page is an indication of the company’s ATO being “in progress.” Our initial story said apps.gov listed the ATO as complete.

Contact the reporter on this story via email at greg.otto@fedscoop.com, or follow him on Twitter at @gregotto. His OTR and PGP info can be found here. Subscribe to the Daily Scoop for stories like this in your inbox every morning by signing up here: fdscp.com/sign-me-on.