JOINT BASE SAN ANTONIO-RANDOLPH, Texas –
When it comes to safe guarding the Joint Base San Antonio mission, military networks across three locations depend on more than 70,000 service members, civilian employees and contractors to exercise operational security.
This involves protecting mission-critical data and personal information before, during and after using computers connected to the military network.
According to Air Force Instruction 10-701, the purpose of practicing OPSEC "is to reduce the vulnerability of Air Force missions by eliminating or reducing successful adversary collection and exploitation of critical information."
For Soldiers, Army Regulation 530-1 provides OPSEC guidance.
Critical information includes credit card numbers, itineraries, travel dates, passwords, classified documents, reports, research and more.
Tommy Garcia, 902nd Communications Squadron network security manager, said when it comes to keeping this information out of the wrong hands, there's a five-step process: identify critical information, analyze threats, analyze vulnerabilities, assess risks and apply countermeasures.
"Denying adversaries sensitive information about our planning processes and operations is critical to national security," Garcia said.
Unfortunately, even with training, it can be difficult to know friend from foe when defining the typical adversary. No such description exists.
"There is no real definition to what a terrorist, criminal, thief or rapist looks like," Mance Clark, JBSA-Randolph antiterrorism officer, said. "If we keep a gray perspective, we are better in identifying all types of threats."
Although, not leaving common access cards unattended, disposing of critical and sensitive information properly and verifying strangers in the workplace are OPSEC countermeasures; our culture has a habit of undermining preventive efforts.
"We're in a digital age where a basic need to give information and a constant access to social media exists," Clark said, citing online users geographically "tagging" themselves at locations away from home as revealing key pieces of information for home invaders. "Also, people tend to give too much information away, especially military members who are trained to satisfy information requests."
For example, when an unknown caller contacts an office requesting to speak to somebody who is out, the person answering may give the caller information about where the person is without realizing it.
"Sometimes adversaries confirm that someone is on leave, vacation or even at lunch by calling his work," Clark said.
To avoid putting others in vulnerable positions in this scenario, tell the caller the person they are looking for is "unavailable" or "not in at the moment." If the caller presses for more information, that's a red flag, but the recipient is now in control of the situation, Clark said.
"OPSEC is about controlling and managing your environment," he said. "If practiced regularly, it becomes not a task or a chore, but an art."
For suspicious or unusual activity on a JBSA location, there are non-emergency numbers.
At JBSA-Randolph call 652-5700/5509; JBSA-Lackland, 671-3030/2018; and JBSA-Fort Sam Houston, 221-2244/2222.