JOINT BASE SAN ANTONIO-FORT SAM HOUSTON, Texas –
Joint Base San Antonio-Fort Sam Houston will undergo a command cyber readiness inspection, or CCRI, as an inspection team from the Defense Information Systems Agency will conduct a thorough evaluation of all network systems from March 22 to April 2.
The main focus of the inspection will be on the Nonsecure Internet Protocol Router Network, or NIPRNet, the Secret Internet Protocol Router Network, known as the SIPRNet, and supporting traditional security practices.
The agency will inspect work centers, looking for adherence to standards and will also check JBSA-Fort Sam Houston’s technical and information systems for vulnerabilities.
In addition, DISA will inspect technical and operational adherence to the Department of Defense standard practices and policies, which include secure and non-secure cybersecurity network compliance and physical security practices.
In order to ensure JBSA-Fort Sam Houston passes the inspection successfully, every unit and network user has a responsibility for being knowledgeable on proper cybersecurity, traditional security and physical security practices.
Commanders and senior civilian leaders at all levels within their organizations are asked to check and re-check that these standards are being adhered to – down to the individual user – to ensure awareness and compliance with cybersecurity measures.
The following are some tips network users can follow to ensure compliance success:
• Read your Acceptable Use Policy, or AUP. As users of the Army network, you sign an AUP when first being allowed access to any Army network. It contains all the basics you need to know to keep you compliant when using Government computer systems. Mobile device users are required to sign an additional AUP tailored for the device usage.
• At the conclusion of the business day, log computers off the NIPRNet system and reboot at the beginning of the next duty day to ensure security patch compliance.
• Power on and log in to SIPRNet systems during mandatory SIPRNet “uptime” periods as established by the senior commander’s operation order. Staying connected during the entire period is essential to systems getting the required updates.
• Do not pass any information, especially critical operational traffic, over unclassified communications, such as phone, email, Facebook, etc.
• Remove Common Access Cards, SIPR tokens and secure all SIPR drop lockboxes and hard drives prior to leaving computers unattended.
• Do not plug unauthorized electronic devices, like thumb drives, hard drives, portable media players or cell phones into a government NIPRNet or SIPRNet computer system unless you have an approved exemption letter.
• Know who your security managers, information management officers and information assurance support officers are and how to contact them.
• Verify security clearances and escort unauthorized personnel.
• Properly safeguard classified systems to include proper completion of applicable Standard Form 700 (security container information), SF 701 (activity security checklist) and SF 702 (security container check sheet).
• Use proper document cover sheets and face your monitors away from your doors and windows to eliminate viewing by unauthorized personnel.
• Properly label disc media and have proper classification markings, such as a Department of Defense Form 2056 (telephone monitoring notification decal) on communications equipment like computers, monitors, phones, etc., in a mixed environment.
• Know how to identify and respond to a network security incident or classified message incident by using the network incident reporting aid located on the NEC Information Assurance SharePoint site at https://army.deps.mil/netcom/sites/106SAM/CSD/SitePages/Home.aspx under the cybersecurity links.
• Never bring portable or wireless electronic devices within three meters of a classified system.
For more information or assistance on keeping your areas inspection ready, contact your unit’s G2/S2/security manager or your unit technical support G6/S6/information mission officer or internet assurance training officer.
• Ensure all Common Access Cards and SIPRNET tokens are not left unattended in personal computers. They must be with you at all times.
For NEC support, call 210-221-8000 or email firstname.lastname@example.org.