Mobile devices have long been a double-edged sword for government. They’re inherently vulnerable to being lost, broken, or leaking data and very often staffers want to use their own phones rather than a secure phone that comes complete with electronic monitoring software. Now, an Australian company wants to change all that. Cog Systems claims it has the most secure, most user-friendly mobile device on the market.
Cog Systems has teamed up with device manufacturer HTC to include its D4 Secure Platform on the HTC One A9. The phone will be available at the same price point as the regular consumer version but includes multi-layered encryption, making it government user ready.
Cog Systems primary business is designing and implementing ‘hardened’ mobile devices for government. The company uses the D4 Secure Platform to develop SDKs for specific categories of connected devices. D4 Secure SDKs offer both data and system security without making significant changes to the user interface. So, for example, if a user is used to the consumer version of the Android operating system they won’t have to learn all kinds of new commands or deal with less intuitive applications just to have a secure phone.
“For the past two years, we’ve been hardening devices for governments and intelligence organizations and through that process, we developed an institutional knowledge of how to do provide security that works for users and also passes the highest certification levels,” explains Cog Systems’ chief marketing officer Carl Nerup, in an interview with CivSource.
According to Nerup, one of the most significant differences with the D4 Secure SDK, is that it relies on a modular approach to security instead of a sprawling security architecture common to other devices. Going modular allows Cog Systems to build in several different layers of security while still enabling the full Android operating system so that users can run any app they want to. For users interacting with the phone, the only way to tell it is running that many security layers is to pull up the IP address and security profiles. Otherwise, the user experience is the same as an off the shelf product.
The device is built on a type 1 hypervisor with enhanced storage encryption, non-bypassable VPN and also has support for nested VPNs. Hypervisor gives Cog Systems the ability to intercept any potential issues arising from the phone as it accesses Qualcomm’s TrustZone, which was compromised last year.
The U.S. Department of Defense recently acquired the first round of commercially available devices for their own internal use.
The device will launch tomorrow to general availability. Cog Systems will be showcasing the device at the Mobile World Congress currently underway in Barcelona, Spain.