January 17, 2013:
The U.S. Department of Defense recently made a deal with Microsoft to obtain Microsoft products (operating systems and apps) for some two million military users (mostly in the army and air force) for about $100 a year (for three years) per user. This is a typical software licensing deal for large organizations (usually corporations). In the future the military will be spending more attention, and cash, on smaller computers, but for now the military is using more of both the larger and handheld computers.
While users (including military) are shifting to smart phones for many of their computer needs, the desktop and laptop PCs are still doing most of the work in the military. A decade ago the operating system of choice was Microsoft Windows (over 90 percent market share). But now, when you include smart phones and tablets, Windows is on only 35 percent of the PCs (compared to 45 percent for Android and Apple IOS devices). Android is currently on over 40 percent of new computers (desktops, laptops, smart phones, tablets) sold, compared to 24 percent for IOS and 20 percent for Windows. Hackers and Internet based crime is also shifting from Windows to Android and IOS devices. The military is working hard on providing better security for these handheld computers.
In the past the U.S. Department of Defense often created custom versions of Windows and installed their own automated security features and automatic software updating systems. The reason for all this is that the Department of Defense cannot attract a sufficient number of qualified security experts. The military has to compete with the commercial sector for these scarce security personnel, and with the shortage of such people, government pay and benefits cannot compete. But the government does have other resources, which make it possible to develop custom automated security systems.
For example, the NSA (National Security Agency) has worked with Microsoft on security aspects of the Windows 7 operating system. This was nothing new. Earlier, NSA worked with the U.S. Air Force and Microsoft to develop a special version of Windows XP, one that had over 600 operating system settings shut down or modified so that hackers had a harder time penetrating air force network security. Some of it was simple stuff, like ensuring that the highest level password (the admin password, which gives you access to everything) can never be the same as a lower level (user) password. The system was also modified to have passwords expire every sixty days, forcing users to create new ones. NSA also assisted in preparing a special version of Windows 7.
The military has another advantage in that they can impose more discipline on how their personnel use their PCs and networks. This makes it easier to build in additional security features and regularly update those items. The big weakness the Department of Defense networks have is their exposure to the Internet, which is awash in hackers and malware (software that will infiltrate PCs and steal or destroy your data). One solution to that has been the establishment of two large networks that use Internet software but are closed to civilian users. NIPRNET (Non-classified Internet Protocol Router Network) is the military network connected to the internet and has over three million servers. Although unclassified, NIPRNET contains a lot of logistics (supplies, including requests for stuff) and personnel matters (addresses, phone numbers, and even credit card numbers). Separate from NIPRNET is SIPRNET (Secure Internet Protocol Router Network). This net is not connected to the Internet and encrypts its data. This network is rarely attacked and penetrations are few, if any (all discussion of SIPRNET attacks are classified).
The Department of Defense is imposing similar controls and security features on their new smartphone operating system (an NSA tweaked version of Android).