Our team is embarking on a new project involving mobile app development government and is deep in the RFP requirements phase; for those who have been through this, what are the critical security protocols and accreditation hurdles specific to mobile app development for government that we should prioritize from day one to avoid costly rework later?