JOINT BASE SAN ANTONIO-RANDOLPH, Texas –
Cyber security efforts at Joint Base San Antonio-Randolph will be scrutinized next week when a Defense Information Systems Agency inspection team visits the installation for a week-long assessment.
"U.S. Cyber Command and DISA have determined that any base hosting a network operations squadron or subordinate detachment will be included in the NOS' or detachment's Command Cyber Readiness Inspection," Joseph Harris, 902nd Communications Squadron wing information assurance chief, said. "As such, JBSA-Randolph networks will be inspected alongside the 561st NOS Detachment 2 Monday through Friday."
The team will assess the security of JBSA-Randolph's classified and unclassified computer networks to ensure they comply with all cyber directives, technical time compliance orders, and vulnerability and management processes that meet the U.S. Cyber Command's security postures for computing assets, he said.
"The inspection ensures that technical guidance is implemented and physical security procedures are complied with," Harris said.
John Hipp, 902nd CS wing information protection officer, called the inspection "a thorough, fine-tooth-comb Unit Compliance Inspection-type assessment."
"We'll have to be ready on all fronts," he said.
The inspection comes about a year after a DISA team last visited JBSA-Randolph.
"They're coming back to look at all JBSA-Randolph network assets, including those managed by the 561st NOS Detachment 2," Harris said. "It will be just as intensive as it was in the early part of this year."
He said JBSA-Randolph fared well in the last inspection, earning an "excellent" commendation for NIPRNET security and an "outstanding" for SIPRNET security. NIPRNET is referred to as the Unclassified but Sensitive Internet Protocol Router Network; SIPRNET is the Secret Internet Protocol Router Network.
Hipp said time compliance network orders are another one of JBSA-Randolph's strengths.
"That's when we provide patching for our systems and keep them in compliance," he said.
"We aggressively worked at remediating all vulnerabilities in the last CCRI, as well as tried to be proactive in preventing additional vulnerabilities. Vulnerabilities are potential holes that can be exploited by unauthorized users."
Harris said inspectors will "look at everything on JBSA-Randolph's networks, as well as its physical security." The inspection effort will include thousands of devices, from computers, external hard drives and wireless technology to phones, switches and tablets.
"It's really important that people have CDs, DVDs, computers and other media properly labeled," he said. "They should also make sure they don't leave their common access cards unattended in their computers."
Harris said communications closets should be clean, orderly, well-maintained and locked.
Other ways people can contribute to cyber security are protecting passwords and personal identification numbers, not downloading email attachments from unknown senders, never plugging unauthorized Universal Serial Bus devices, iPods or cellphones into their computers, and being vigilant about unfamiliar individuals in their work area. DISA inspectors may test workers by using social engineering techniques.
Harris said it's important that workers know their client support technician and security manager.
"Know what your response would be if you are put through a scenario by the inspectors," he said. "Employing all proper network, physical and operational security procedures is everyone's responsibility."
For more information, contact Harris at 652-2416 or Hipp at 652-4999.