Technical | 2026-05 | 16 min read

Tactical device management: turning 200,000 consumer devices into managed mission nodes

The consumer device is already in the fight

This is not a proposal. It is a description of what is already happening. Ukrainian forces coordinate operations on personal phones. US Special Operations units carry MacBooks alongside their radios. Task Force 59 ran unmanned systems in 5th Fleet with commercial tablets as control interfaces. Almost 700 frontline US units are now authorized to purchase critical systems directly from commercial vendors.

The defense acquisition system spent decades building purpose-built tactical hardware. Meanwhile, Apple Silicon passed 38 TOPS of neural engine performance in a 2.7-pound laptop with 18-hour battery life. The compute gap between consumer and ruggedized is gone. What remains is a management gap: how do you take a device designed for a coffee shop and make it trustworthy in a SCIF, a TOC, or a patrol base?

That question has a regulatory dimension (CMMC 2.0, DISA STIGs), an operational dimension (classification boundaries, RF suppression, night operations), and a logistics dimension (fleet updates, airgapped delivery, audit trails). No current MDM platform addresses all three.

The regulatory landscape: CMMC 2.0 and NIST 800-171

CMMC 2.0 Level 2 requires organizations to meet 110 security requirements from NIST SP 800-171. This applies across more than 200,000 companies in the Defense Industrial Base. Controls AC.3.020 and AC.3.022 specifically require control of mobile device connections and encryption of CUI on mobile devices. Every consumer device that touches CUI falls under these requirements.

NIST SP 800-124r2, the guide for managing mobile device security, draws a distinction between MDM (managing the device configuration and policy), MAM (managing individual applications), and MTD (detecting and responding to mobile threats). Most commercial MDM platforms handle the first. Few handle all three in a way that satisfies CMMC auditors. None of them handle the tactical use case where the device also needs to run AI inference, participate in a mesh network, and suppress RF emissions on command.

The compliance challenge is not meeting the 110 controls on a single device. That is engineering. The challenge is meeting them across a fleet of hundreds of devices at multiple classification levels, keeping them in continuous compliance without quarterly audit cycles, and doing it all in environments where network connectivity is intermittent or denied.

Why Knox proved the concept but cannot solve the problem

Samsung Knox validated that consumer hardware can meet government security standards. Common Criteria certification. FedRAMP authorization. Broad adoption across DoD and the Intelligence Community for unclassified use. Knox proved that the hardware is trustworthy. That contribution matters.

Knox operates at a single classification posture. A Galaxy device is either Knox-managed or it is not. There are no tiered policy profiles for different classification levels on the same fleet. There are no enforced data boundaries preventing a CUI device from ingesting unclassified data without declassification policy. There is no auto-wipe timer that varies by classification level. There is no audit segregation keeping logs from different classification levels in separate channels.

Knox was designed for enterprise IT departments. Banks. Hospitals. Retail chains. It solves the problem of managing employee phones in an office building. It does not solve the problem of managing a mixed-classification fleet in a forward operating base where the operator might need to go RF-silent, operate under night vision, or silently wipe mission data if captured.

The tactical features gap

No commercial MDM product offers stealth mode: complete suppression of WiFi, Bluetooth, NFC, and cellular radios, rendering the device electromagnetically invisible. In environments where the adversary conducts direction-finding against RF emissions, this is not a convenience feature. It is a survivability requirement. EdgeLance Stealth Mode enforces this at the MDM layer, compatible with TAK/ATAK running in offline mode.

No commercial MDM product offers NVG mode: a green monochrome display filter locked to minimum brightness, compatible with AN/PVS-14, AN/PVS-31A, and ENVG-B night vision goggles. Every operator who has watched someone ruin 30 minutes of dark adaptation because their phone auto-brightened understands why this matters.

No commercial MDM product offers a duress PIN: a secondary unlock code that silently wipes all mission data, sends a covert alert through the mesh, and presents a normal-looking home screen to whoever compelled access. The PIN is stored in hardware-backed secure storage where forensic imaging of the device cannot reach it. Knox never needed this feature because Samsung's enterprise customers are not at risk of being physically coerced into unlocking their phones by a hostile actor.

These features exist because EdgeLance MDM was designed for the tactical environment first, not adapted from an enterprise product after the fact.

Continuous compliance instead of periodic audits

DISA STIGs are traditionally implemented as checklists. An IA team visits the unit quarterly, reviews device configurations, checks boxes, writes findings, schedules remediation. The gap between audits is weeks or months. Security incidents live in that gap.

EdgeLance maps every relevant STIG control to a device query policy that evaluates continuously. Passcode complexity. Auto-lock timeout. Camera and microphone restrictions. USB peripheral policy. VPN always-on enforcement. AirDrop, iCloud, Handoff, and screenshot suppression. All evaluated per classification level, all the time. When a device drifts out of compliance, the MDM responds within seconds: alert the administrator, restrict device capability, or wipe based on the severity and classification level of the violation.

The IA team gets a real-time compliance dashboard instead of a quarterly spreadsheet. The unit commander can see fleet compliance status at any time. Auditors can pull continuous compliance records instead of point-in-time snapshots. This is what 'STIG as code' looks like in practice.
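What the continuous evaluation loop above looks like when the checks are written as code, as an added example in Go. This is not EdgeLance code: the rule names, thresholds, the two policy tiers (UNCLASS and CUI, echoing the tiered profiles the Knox section says are missing) and the alert/restrict/wipe ladder are all assumptions chosen for the illustration, not STIG identifiers or EdgeLance's actual policy. A real agent would feed the device's reported profile state into Evaluate on every check-in.

```go
package main

import "fmt"

// Device is the configuration state a managed device reports to the MDM.
// Fields are constructed for this example; a real agent would report the
// device's actual profile and restriction state.
type Device struct {
	Name             string
	Classification   string // "UNCLASS" or "CUI"
	PasscodeLength   int
	AutolockMinutes  int
	VPNAlwaysOn      bool
	AirDropAllowed   bool
	ICloudAllowed    bool
	ScreenshotsOK    bool
	USBAccessoriesOK bool
}

// Rule is one STIG-style check expressed as code. Check returns true when the
// device is compliant. Severity: 1 low, 2 medium, 3 high.
type Rule struct {
	Name     string
	Severity int
	Check    func(Device) bool
}

// Finding records a rule the device currently violates.
type Finding struct {
	Rule     string
	Severity int
}

// policies returns the rule set per classification level. The CUI set is a
// superset of the UNCLASS set with tighter thresholds. Names and thresholds
// are hypothetical, not real STIG check IDs.
func policies() map[string][]Rule {
	common := []Rule{
		{"passcode_min_length_6", 3, func(d Device) bool { return d.PasscodeLength >= 6 }},
		{"autolock_le_15m", 2, func(d Device) bool { return d.AutolockMinutes <= 15 }},
		{"screenshots_disabled", 1, func(d Device) bool { return !d.ScreenshotsOK }},
	}
	cui := append(append([]Rule{}, common...),
		Rule{"autolock_le_5m", 3, func(d Device) bool { return d.AutolockMinutes <= 5 }},
		Rule{"vpn_always_on", 3, func(d Device) bool { return d.VPNAlwaysOn }},
		Rule{"airdrop_disabled", 3, func(d Device) bool { return !d.AirDropAllowed }},
		Rule{"icloud_disabled", 3, func(d Device) bool { return !d.ICloudAllowed }},
		Rule{"usb_accessories_blocked", 2, func(d Device) bool { return !d.USBAccessoriesOK }},
	)
	return map[string][]Rule{"UNCLASS": common, "CUI": cui}
}

// response maps the worst severity seen (index 0..3) to the MDM action, per
// classification level. The ladder itself is an assumed policy choice.
var response = map[string][4]string{
	"UNCLASS": {"none", "alert", "alert", "restrict"},
	"CUI":     {"none", "alert", "restrict", "wipe"},
}

// Evaluate runs every rule for the device's classification level and returns
// the findings plus the action to take. An unknown level fails closed.
func Evaluate(d Device) ([]Finding, string) {
	rules, ok := policies()[d.Classification]
	if !ok {
		return nil, "quarantine"
	}
	var findings []Finding
	worst := 0
	for _, r := range rules {
		if !r.Check(d) {
			findings = append(findings, Finding{r.Name, r.Severity})
			if r.Severity > worst {
				worst = r.Severity
			}
		}
	}
	return findings, response[d.Classification][worst]
}

func main() {
	// Constructed fleet snapshot: one drifted CUI device, one compliant CUI
	// device, one UNCLASS device with a short passcode.
	fleet := []Device{
		{Name: "mbp-07", Classification: "CUI", PasscodeLength: 6, AutolockMinutes: 10, VPNAlwaysOn: true, AirDropAllowed: true},
		{Name: "mbp-12", Classification: "CUI", PasscodeLength: 8, AutolockMinutes: 5, VPNAlwaysOn: true},
		{Name: "ipad-03", Classification: "UNCLASS", PasscodeLength: 4, AutolockMinutes: 10},
	}
	for _, d := range fleet {
		findings, action := Evaluate(d)
		fmt.Printf("%-8s %-8s action=%-10s findings=%v\n", d.Name, d.Classification, action, findings)
	}
}
```

The point of the per-level rule sets is that the same device state can be compliant at UNCLASS and a wipe-level violation at CUI; the action comes from the classification of the device, not only from which rule failed.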

Fleet management in airgapped environments

A Defense Unicorns analysis from March 2025 found that 'most systems only see software updates once a year or less' and that 'this is especially true for the most critical systems, which tend to view software updates as high impact events likely to result in mission downtime.' Their conclusion: 'Every weapon system needs to have the ability to update on demand, in minutes, rather than in months or years. The nation with the ability to update their software the fastest has a significant warfighting advantage.'

Conventional deployment pipelines rely on network connectivity. That works in garrison. It does not work at a remote outpost, on a patrol, or in any environment where the node is intentionally airgapped. No standardized approach to airgapped software delivery exists across the services.

EdgeLance Software Courier uses managed iOS devices as physical delivery vehicles for signed software packages. The courier downloads a signed Zarf package, carries it to the target node, connects via USB, verifies the target's identity, deploys the update, and purges its own copy. Every step is logged. The fleet management system tracks package creation, courier assignment, target verification, deployment result, and courier purge in a complete chain of custody.

This is not sneakernet. Sneakernet has no verification, no identity binding, no chain of custody, and no audit trail. Software Courier has all four. The difference matters to every IA team and RMF assessor who has to authorize software delivery to classified systems.
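The four properties the last two paragraphs name (verification, identity binding, chain of custody, audit trail) in one runnable exchange, as an added Go example. This is not EdgeLance or Zarf code and the package format is a constructed stand-in, not the Zarf format. It assumes Ed25519 for both the publisher's package signature and the target node's identity key, a nonce challenge as the identity check, a target public key pinned in the courier's assignment, and a hash-chained log as the custody record; the Target, Custody and Deliver names are hypothetical.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Package is a constructed stand-in for a signed Zarf package.
type Package struct {
	Name    string
	Sig     []byte // publisher's Ed25519 signature over signedBytes(Name, Payload)
	Payload []byte
}

// Custody is the append-only chain-of-custody log; each Hash covers the previous hash.
type Entry struct{ Step, Detail, Hash string }
type Custody []Entry

func chainHash(prev, step, detail string) string {
	h := sha256.Sum256([]byte(prev + "\x1f" + step + "\x1f" + detail))
	return hex.EncodeToString(h[:])
}

func (c *Custody) Log(step, detail string) {
	prev := ""
	if n := len(*c); n > 0 {
		prev = (*c)[n-1].Hash
	}
	*c = append(*c, Entry{step, detail, chainHash(prev, step, detail)})
}

// Verify recomputes the chain; an edited or dropped record breaks it.
func (c *Custody) Verify() bool {
	prev := ""
	for _, e := range *c {
		if e.Hash != chainHash(prev, e.Step, e.Detail) {
			return false
		}
		prev = e.Hash
	}
	return true
}

// MustKeys makes an Ed25519 key pair (publisher signing key or node identity key).
func MustKeys() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// signedBytes is what the publisher signs: package name, NUL, payload.
func signedBytes(name string, payload []byte) []byte { return append([]byte(name+"\x00"), payload...) }

// SignPackage is the publisher's step, before any courier is assigned.
func SignPackage(priv ed25519.PrivateKey, name string, payload []byte) Package {
	return Package{Name: name, Sig: ed25519.Sign(priv, signedBytes(name, payload)), Payload: payload}
}

// Target is the airgapped node; it proves identity by signing a courier nonce.
type Target struct {
	ID   string
	Pub  ed25519.PublicKey
	Priv ed25519.PrivateKey
}

// Deliver is the courier's side: bind to the key pinned in the assignment, deploy
// only a package the publisher key verifies, purge the courier copy, log every step.
func Deliver(publisher, expected ed25519.PublicKey, p Package, t *Target, c *Custody) error {
	c.Log("courier_assigned", p.Name+" -> "+t.ID)
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return err
	}
	if !ed25519.Verify(expected, nonce, ed25519.Sign(t.Priv, nonce)) {
		c.Log("target_rejected", t.ID)
		return fmt.Errorf("target %s: identity mismatch", t.ID)
	}
	c.Log("target_verified", t.ID)
	if !ed25519.Verify(publisher, signedBytes(p.Name, p.Payload), p.Sig) {
		c.Log("deploy_failed", p.Name+": signature invalid or payload modified")
		return fmt.Errorf("package %s: verification failed", p.Name)
	}
	c.Log("deployed", p.Name+" on "+t.ID)
	copy(p.Payload, make([]byte, len(p.Payload))) // overwrite the courier's copy before it is dropped
	c.Log("courier_purged", p.Name)
	return nil
}

func main() {
	pub, priv := MustKeys()
	tpub, tpriv := MustKeys()
	node, c := &Target{"toc-node-1", tpub, tpriv}, &Custody{}
	pkg := SignPackage(priv, "detector-v2", []byte("constructed model bundle"))
	c.Log("package_created", pkg.Name)
	fmt.Println("delivered:", Deliver(pub, node.Pub, pkg, node, c) == nil, "chain ok:", c.Verify())
}
```

Two design points worth noting. The courier never trusts the target's self-reported ID: the identity check is against a public key it was handed with the assignment, so a node with the right hostname but the wrong key is rejected and the rejection is itself logged. And the publisher signature is checked at the point of deployment, not when the courier picked the package up, so a payload altered in transit fails there and the failure lands in the same custody chain an assessor would read.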

The platform that ties it together

Device management, compliance enforcement, tactical features, and fleet logistics are not separate products in EdgeLance. They are layers of a single platform that also runs local AI inference, mesh networking, sensor fusion, and mission workflows on the same devices it manages.

A MacBook managed by EdgeLance MDM at the CUI level runs object detection on its cameras, participates in the mesh network, enforces STIG compliance continuously, receives software updates via courier when airgapped, and produces an auditable mission record. The same MacBook, re-provisioned to UNCLASS, can be used for training the next day with all CUI data wiped and a fresh model loadout deployed.

That integration, device management and mission capability on the same platform, is what makes consumer hardware viable as tactical infrastructure. The hardware was always capable. The software to manage, harden, and mission-enable it at scale is what was missing.

Evaluate EdgeLance for your mission stack.

Request a technical walkthrough with the engineering team.
