FORT SAM HOUSTON, Texas –
From Aug. 31 to Sept. 4, an inspection team from the Defense
Information Systems Agency will conduct a command cyber readiness inspection
for the Fort Sam Houston area of responsibility.
The main focus of the inspection will be on the Nonsecure
Internet Protocol Router Network, known as the NIPRNet, and the Secret Internet
Protocol Router Network, or SIPRNet, and supporting traditional security
practices.
The agency will inspect work centers, looking for adherence
to standards and will also check Fort Sam Houston’s technical and information
systems for vulnerabilities.
In addition, DISA will inspect technical and operational
adherence to the Department of Defense standard practices and policies, which
includes secure and non-secure cyber security network compliance and physical
security practices.
In order to ensure Fort Sam Houston passes the inspection
successfully, every unit and network user has a responsibility for being
knowledgeable on proper cyber security, traditional security and physical
security practices.
Commanders and senior civilian leaders at all levels within
their organizations are asked to check and re-check that these standards are
being adhered to – down to the individual user – to ensure awareness and
compliance with cyber security measures.
The following are some tips network users can follow to
ensure compliance success:
Cyber security
• Read your Acceptable Use Policy. As users of the Army
network, you sign an AUP when first being allowed access to any Army network.
It contains all the basics you need to know to keep you compliant when using
Government computer systems.
Blackberry users are required to sign an additional AUP
tailored for the device usage.
• At the conclusion of the business day, log computers off
the NIPRNet system and reboot at the beginning of the next duty day ensure
security patch compliance.
• Power on and log in to SIPRNet systems during mandatory
SIPRNet “uptime” periods as established by the senior commander’s operation
order. Staying connected during the entire period is essential.
• Do not pass any information, especially critical
operational traffic, over unclassified communications, such as phone, email,
Facebook, etc.
• Remove Common Access Cards, SIPR tokens and secure all
SIPR drop lockboxes and hard drives prior to leaving computers unattended.
• Do not plug unauthorized electronic devices, like thumb
drives, hard drives, portable media players or cell phones into a government
NIPRNet or SIPRNet computer system unless you have an approved exemption
letter.
Traditional security
• Know who your security manager, information management
officer and information assurance support officer are and how to contact them.
• Verify security clearances and escort unauthorized
personnel.
• Properly safeguard classified systems to include proper
completion of applicable Standard Form 700 (security container information), SF
701 (activity security checklist) and SF 702 (security container check sheet).
• Use proper document cover sheets and face your monitors
away from your doors and windows to eliminate viewing by unauthorized
personnel.
• Properly label disc media and have proper classification
markings, such as a Department of Defense Form 2056 (telephone monitoring
notification decal) on communications equipment like computers, monitors,
phones, etc., in a mixed environment.
• Know how to identify and respond to a network security
incident or classified message incident by using the network incident reporting
aid located on the NEC Information Assurance SharePoint site at
http://samhc25070:16628/IAD/SitePages/Home.aspx under the cyber security links.
• Never bring portable or wireless electronic devices within
three meters of a classified system.
For more information or assistance on keeping your areas inspection
ready, contact your unit’s G2/S2/security manager or your unit technical
support G6/S6/information mission officer or internet assurance training
officer.
For NEC support, call 221-1599.