Putting Text to the Test

By Mike Hernon and Bob Turner - Published, November 12, 2009

Delivering a robust enterprise mobility capability to the Department of the Navy workforce requires leveraging various wireless tools at our disposal. One such tool, Short Message Service (SMS), or text messaging, is often overlooked but can provide significant benefits when used appropriately.

Industry statistics, compiled by CTIA–The Wireless Association, show a definitive trend for individuals to let their "fingers do the talking." More people are using their phones for text messages and less to actually talk. In 1987, the average mobile call length was 2.33 minutes. In the following years, the number of mobile calls continued to grow until peaking in 2003 with an average call length of 3.07 minutes. By 2008, average call length was down almost a third to 2.27 minutes — less than what it was in 1987.

On the other hand, the number of text messages has increased dramatically from 14.4 million messages per month in 2000 to more than 110.4 billion per month in 2008.

Likewise, an analysis of DON usage shows a similar increase in text messaging. It is clear that people, including DON personnel, are changing the way they communicate.

Is it Safe?

There is a perception in many quarters that since text messaging is not secure, it cannot be used within the Defense Department or DON. Indeed, many believe that there is a department-wide prohibition on its use — which is not the case.

Generally, SMS and Multimedia Messaging Service (MMS) may be used if only unclassified, public releasable (i.e., not "For Official Use Only" (FOUO), sensitive or classified) information will be sent or received.

Additionally, an Executive Order, issued Oct. 1, 2009, prohibits all government employees from texting while driving a government vehicle or privately owned vehicle while on official business.

There are many aspects of texting that engender concerns regarding information assurance. Short Message Service was not designed to provide a secure, reliable or robust messaging capability. Text messages are not encrypted end-to-end and could potentially be read by people other than the intended recipient. Further, as texting has grown in popularity it has increasingly attracted the same scam artists and hackers that attack the wired environment.

Techniques such as spamming, phishing and spoofing now use text messages to target mobile phone users and may be more of a threat in this environment because Short Message Service does not provide authentication of either the sender or the content.

Viruses customized for mobile devices can use text messages as an entry point to control or disable a device (in addition to user-initiated downloads and e-mail). The assignment of phone exchanges to mobile operators makes the job easier for attackers because they can better direct their automatic dialers to cellular devices.

So, is it safe? Well, not 100 percent!

"R U OK?"

One of the most appealing aspects of text messages is that experience has shown that during regional or national calamities when cellular networks are bogged down with callers, text messages often get through without any trouble. This is due to the fact that Short Message Service works on a control channel in the provider's network, not the traffic channel where voice and data services are provided.

This was evident during the Sept. 11 terrorist attacks when network demand seriously obstructed cellular voice traffic in New York City and Washington, D.C., but text messages got through. Thus, there may be circumstances where SMS is the only viable means of communication.

When it comes to cellular devices, most people "Don't leave home without them." As a result, Short Message Service provides an efficient platform for applications beyond standard phone-to-phone messages between two individuals.

There are a number of applications where users can sign up to receive text messages to alert them to pre-defined conditions or circumstances. The National Weather Service provides an alert service for adverse weather conditions in user-defined areas at http//inws.wrh.noaa.gov/.

After the devastating hurricanes in 2006, New Orleans launched NOLAReady, a notification system for first responders, as well as the public, at www.nolaready.info. Other applications offer stock market reports, sports scores, e-mail notification and many other alert options. A number of public safety departments use SMS to track vehicle locations to enhance crew safety as well as to assist in dispatching first responders. A text message has more than sufficient space to transmit GPS coordinates and other data, such as speed and direction, to support this capability. Using SMS also frees up bandwidth for voice or more data-intensive applications.

To protect against viruses and other malware, one popular SMS-based application is not available to DoD and DON users. Downloading any sort of code, such as ring tones or MP3 files, to a mobile device is prohibited under DoD Directive 8100.02, Use of Commercial Wireless Devices, Services, and Technologies in the Department of Defense Global Information Grid (GIG) of April 23, 2007.

Always Practice Safe Texting

None of the mobile technology tools we use are 100 percent secure. Like every other technology we use on a daily basis, the risks and benefits of Short Message Service must be analyzed to determine how to implement this capability. The Navy and Marine Corps Designated Approval Authorities (DAA) conduct such analyses on a daily basis.

The DAAs consider texting to be safe as long as content is limited to only unclassified, publicly releasable data and no applications are downloaded.

Within these constraints, Short Message Service may be used in any manner that might contribute to your productivity or efficiency. Keep in mind that Short Message Service is not a guaranteed delivery system; Marine Corps personnel using text messages during Hurricane Katrina found that while many messages got through, others were delayed by several hours until they were delivered.

In the final analysis, Short Message Service can play a key role in enhancing enterprise mobility across the DON when used appropriately.

Please send questions or comments to the DON Wireless Team.

Mike Hernon is the former chief information officer for the city of Boston and currently serves as an independent consultant. He supports the DON CIO in a variety of areas within the enterprise services management group including telecommunications and wireless strategy and policy.

Bob Turner supports the Naval Network Warfare Command office of the Designated Approval Authority.

TAGS: Cybersecurity, Telecommunications, Wireless

Related News
Related CHIPS Magazine