WASHINGTON — The chief information officer of the National Guard Bureau isn’t just pushing his troops to use new “Bring Your Own Device” software to access secure federal systems on their personal phones. Kenneth McNeill is a pilot user himself, and he likes the capability so much that he got rid of his government-issued phone — three years ago.
Since the early days of the pilot BYOD project, which uses an app made by tech firm Hypori, he’s done all his mobile computing, personal and official, on the same device, McNeill told Breaking Defense in an exclusive interview. That’s countercultural for a retired Army officer who spent 27 years working on military-issued equipment as part of the Signal Corps, but McNeill is confident his government data is secure.
In fact, that’s why the Pentagon picked Hypori over other BYOD approaches, he said. “We looked at other industry partners that have similar capability, yes, but this was settled on because of cybersecurity.”
The Army, National Guard Bureau, and the Pentagon Chief Information Officer spent years testing and evaluating Hypori before approving it as an official “enterprise capability” in July.
McNeill is so enthused about the technology that he aims to ramp up to 50,000 users across the Army National Guard. A small number of users across other military components are also trying out Hypori on their personal devices, including new Air Force CIO Venice Goodwine.
“She actually has a Hypori device, she’s had one for a while now,” McNeill said. “The Space Force has a couple of licenses, for demos just to see how it’s working, and [so does] the Air Force.”
From an initial pilot of just 250 users, the number has grown to 7,000, with a target of 10,000 “in the next few months,” he said. “We can probably get around 50,000 … within the next year.”
“It’s not just the Army National Guard and Reserve and [regular] Army,” McNeill said, “[but] we have the largest amount of licenses deployed.”
Why is the Guard leading the way on BYOD? Because, unlike regular active-duty troops, most of its personnel are part-timers who spent most of their time at civilian jobs and who are scattered around the country, rather than concentrated on military bases with government-run networks. In many cases, Guard troops must drive hours just to get to the nearest armory for their monthly drills — but senior non-commissioned officers and officers must be planning drills and checking up on troops every day.
“It is imperative we stay connected between drills,” McNeill said. “You can’t just not be connected until you go to drill that month.”
But even private companies have struggled to implement remote work and mobile devices, and the Defense Department is far more rule-bound and security-conscious.
“The risk of having an unauthorized device on military networks is so high, and the benefit is so marginal, they’re going to be risk averse,” said Emily Harding, a former CIA analyst and Senate Intelligence staffer now at the Center for Strategic and International Studies. “They certainly need to be careful and intentional as they proceed.”
Historically, the secure way to connect such far-flung federal users was to give each of them a separate, government-issued device that could only be used for official business. But with even low-end smartphones costing about $100 and high-end models costing over $1,000, widespread issue of government-furnished devices isn’t something Pentagon budgets can afford.
“Ninety-three percent of the Guard does not have government-furnished devices,” McNeill said. “Unless you’re a very senior commander … you will not have a government mobile devices, you will not have a cell phone or tablet.”
That reality can induce a lot of Guard leaders to use regular civilian apps like WhatsApp for official business. The result is a significant problem of so-called “shadow IT”: pockets of unauthorized information technology that may work fine on its own, but which agency administrators and cybersecurity officials don’t know about, can’t monitor, and cannot ensure it is securely handling government data.
Enter BYOD and Hypori.
Hypori: From SOCOM To Main Street
Hypori got its start in the shadow world of intelligence and special operations, CEO Jared Shepard told Breaking Defense, and has since grown into the “largest mobile platform in the Department of Defense.” (Hypori declined to provide specific statistics, citing confidentiality.)
Secure remote access for Guard members across the US was an unintended side effect, Shepard said: “We originally sold into SOCOM [Special Operations Command] and proved out a capability there….for the US military and intelligence communities for what’s called ‘denied space’ operations.”
In warzones or unfriendly countries, operators must often talk on a locally acquired cellphone — no walking around with flashy iPhones or US government-issued Blackberries — over networks that not only don’t belong to the US but may be actively monitored by enemy surveillance agencies. The goal, he said, is “freedom of maneuver … in an environment in which they are actively being watched by a nation-state actor or being targeted or tracked.”
“I found this little Austin-based startup that had not successfully gotten on the market,” Shepard recounted. Having failed to sell their product to the Pentagon, he said, “they had run out of money and were essentially abandoning the IP and going to auction.” Shepard saw the potential, bought the intellectual property, hired half a dozen of the engineers, and got to work.
The fundamental premise of Hypori’s design, dating to its origin in “denied space” special ops, is that the user’s mobile device has been or will be hacked, sooner or later. “We were zero trust before zero trust became a thing,” Shepard said. “Our platform assumes that the edge device is compromised.”
That means that device can never hold any of the data you want to keep secure. Instead, each user is assigned a cloud-based “virtual” device to hold that data and run the necessary software, all housed on a secure server somewhere in friendly territory. When the user takes out their personal device and opens the Hypori app, it connects to the virtual device. But that virtual device doesn’t send any of its data back to the user, only what amount to fragmentary screenshots of what it’s doing.
(It’s actually more complex, of course. As the company explains it, the virtual device is sending packets of pixels that only show how the screen should change from one fraction of a second to another. So even if the adversary intercepts and decrypts all Hypori’s transmissions to a given user, they face a jigsaw puzzle problem to put them back together into a readable image. This mobile BYOD approach is related to, but distinct from, a widely used approach called Virtual Desktop Infrastructure, which generally requires a secure device at both ends.)
In the simplest possible terms, if the user asks the location of the hidden Rebel base, Hypori doesn’t send them the text string “YAVIN 4” or a string of geographical coordinates, but a picture of the words and numbers, something the human eye can easily read but is more difficult for a machine.
The latest software upgrade, released Wednesday, adds the ability to see notifications from the virtual device on your personal device, even when logged out of the Hypori app, as well performance improvements, the company said.
But is it idiot-proof? As a long history of damaging leaks from junior personnel has shown, “You have a bunch of people who are new to the national security space making poor decisions sometimes.” CSIS’s Harding said. “[So] you really need any kind of bring your own device program to be so user-friendly that it’s very difficult to screw up.”
So how does Hypori look from the user’s end? “It’s transparent,” McNeill, the Guard CIO, told Breaking Defense. “Once you log in, you would think you’re on your government-furnished device or on your computer at work… It’s really easy to use – even for somebody like me, I like to joke with my staff: If a guy like me can maneuver through it, it must be okay.”