AltOS is geared to government customers requiring mobile access to sensitive data, performing sensitive missions, working in secure facilities, and/or traveling abroad.
CIS Mobile is a US startup backed by CIS Secure, with over $25 million invested to date in Android Open Source Project (AOSP) product development and patents.
Parent CIS Secure is the leading provider of TSG, Tempest, and Tactical hardened COTS communications and computing solutions to US and NATO Governments.
2. CONFIDENTIAL. ALL RIGHTS RESERVED.
CIS Mobile
CIS Secure
Specialist in hardening COTS telecom,
computing, and video conferencing devices
Government customers across
IC, DoD, LE, and Civilian Government
65,000 sq. ft. NSA-Tempest certified
production facility, labs, and demo center
150+ Staff in Ashburn, VA
2 decade history
CIS Mobile
Wholly owned subsidiary of
CIS Secure Computing
Focused exclusively on
FVEY secure mobility
Patented technology with
$25MM+ invested since 2015
Reference customers in
US, Canada, and UK
3. Consumer mobile device data exhaust and tracking
Vanderbilt study on Google data collection
Military fitness tracking
NY Times Pentagon and POTUS tracking
WhatsApp and Zoom tracking
Troops leave behind personal devices
“For the agencies that have prohibited personal
smartphone use for work, 40% of employees said the
guidelines have had little to no impact on their
behavior.”
4. CONFIDENTIAL. ALL RIGHTS RESERVED.
“High threat users”
Intel, military, LE, or IG targeted by:
Nation states
Organized crime
Terrorist organizations
Mobile users who:
Require mobile access to sensitive data / apps
Work in secure buildings / sites
Work / travel overseas
5. CONFIDENTIAL. ALL RIGHTS RESERVED.
Sample Use Cases
Google Google free
Hidden Containers – covert / overseas use
Later
Secure ModeTrigger Trigger Unrestricted
Use
Secure Mode
Google or no Google
Prevent leakage of sensitive data / meta data to third parties
Secure Mode – secure sites / missions
Google free – limit app store, launcher, and ad ID tracking Multiple containers – many phones to 1 and rapid deployments
Public
Persona
Hidden
Container /
Private
Persona
Prevent exfiltration of sensitive data
Address different job and security requirements
Prevent discovery of sensitive missions, apps, and data
Mission
Specific
Work
Personal
Unrestricted
Use
Key use cases
6. CONFIDENTIAL. ALL RIGHTS RESERVED.
AltOS Components
Operating System
Android (AOSP) + security
enhancements, system
services, containers &
embedded management
Management Server
Application, network, and
security management, control
and monitoring.
OTA Update Server
Distribution of updates and
security patches to altOS and
system software
Services
Maintenance and support,
security updates,
customization and devices
A mobile platform that provides the functionality, control, and
trust required for high risk mobile users (AWS or On-Premises)
7. CONFIDENTIAL. ALL RIGHTS RESERVED.
Supported Devices
Smartphones
• Pixel 3 and 3 XL
• Pixel 3a and 3a XL
• Sonim XP8 – Ruggedized
Our Alternative Android OS (altOS) is flashed one time onto standard Google Pixel 3a/3a XL smartphones and hardened Sonim XP8 smartphones then maintained OTA from a web-based console.
We offer greater control than consumer-oriented Apple / Android mobile devices while being more affordable, easier to use, and maintain than government only platforms.
We focus on these use cases for government communities beyond what regular Apple/Samsung devices do:
Combo many devices into one - Multiple secure containers e.g. to support remote working / multiple independent levels of security
Secure sites / missions - Controlling modems, cameras, mics, and tracking
Covert / OCONUS usage - Hidden containers, anti-forensics, and spoofing
Rapid updates / deployments - “Easy button” for scaled on-premises or cloud over-the-air management
What do customers see drivers for altOS being?
Moving from PCs and desk phones to mobile, to drive productivity
Consolidating multiple devices into one, to drive prod
Separating different levels of security – personal / unclassified / classified for security
Driving actual usage of secure systems rather than defaulting to extremes of a) No mobile or b) Leaky COTS devices everywhere
FOUO For Official Use Only
SBU Sensitive But Unclassified
CUI Controlled Unclassified InformationNIPR Non-classified Internet Protocol
SIPR Secret Internet Protocol
FVEY – Five Eyes – US, Canada, UK, Australia, and New Zealand
Single Server Configuration base requirements for a server with all services installed sized to manage up to 1,000 devices.
OS: Ubuntu 18.04 LTS x64 (AMD64)
Multi Core CPU: minimum 8 cores
CPU speed: minimum 2 GHz
RAM : 16 GB
DISK: minimum 1 TB
The database growth rate is approximately 150 MB disk space and 70 MB RAM for each additional 1K devices, the above server configuration should be suitable for deployments up to 5k devices.
Protection is three-fold:
• Patching — Our altOS platform is based on the Android Open Source Project (AOSP). Any issue is patched by Google, and we pass through the monthly patches to our customers to keep them safe any issues reported. AltOS’ differentiation in the marketplace is not trying to find or respond to security issues faster than Google itself but instead in making the patching process simpler and easier than the traditional process whereby Google releases patches to OEMs, who then release them to carriers, and then to devices, which can mean vulnerability windows of months. • App white / black listing - You can control what apps run on your altOS devices from our management console. You can ensure your users only use apps that you’ve tested and approved to protect against these kinds of malicious attacks. • Optional Mobile Threat Defense (MTD) / Mobile Endpoint Defense tools — We have partnered with Zimperium to test their tools on altOS. We can do the same with other protection products.
"Google's $399 iPhone Killer” -- www.wired.com/story/google-pixel-3a-io-2019-todays-news/
“Rugged phone you can literally jump on” -- mobilesyrup.com/2019/07/19/sonim-xp8-review/
Older hardware / OS = mirroring
New hardware / OS = desktop experience with multiple windows