Begin with a focus for updating guidance (e.g. FIPS-201, NIST SP800-53) to call out for the use of strong authentication credentials (PIV, PIV-I, CAC) with mobile devices. Yes, the idea of attaching an additional device/sled to a mobile device in order to swipe,store, or scan your PIV/CAC card sounds cumbersome. But there is no reason why mobile devices can't be tapped to enable technologies such as cert-cloning/biometrics... more »
Government should foster secure, NIST compliant, collaboration and crowdsourcing technologies within and across government agencies to make information sharing more efficient and effective. A variety of information is collected across agencies, and agency-specific security limitations inhibit information transfer. Creating one collaboration platform accessible across agencies will increase speed of communication and information... more »
Mobility has brought home the need for an interoperable data strategy for the Federal Government that is simple and allows for an agency to express its vocabulary and usage through an HTML5 type of interface. There are numerous projects being developed and NIST needs to stand up and be counted in this exercise. Leaving it to OMB reference models will continue to hamper efficiency.