Friday, June 7, 2013

Command Cyber Readiness Inspection ... what?


Command Cyber Readiness Inspection ... what?

Posted 6/6/2013 Updated 6/6/2013Email story Print story

Commentary by 2nd Lt. Ryan Barnes
87th Communications Squadron

6/6/2013 - JOINT BASE MCGUIRE-DIX-LAKEHURST, N.J. -- Joint Base McGuire-Dix-Lakehurst Air Force active duty, guard and reserve units will undergo a Command Cyber Readiness Inspection in mid-July.

A CCRI, which the Defense Information Security Agency performs on behalf of United States Cyber Command, is a technical and operational inspection which takes an in-depth look at an organization's security practices and network readiness to ensure they are compliant with Defense Department's standards. Simply put, it's an Operational Readiness Inspection equivalent that is performed on the network.

The team is looking for deficiencies and vulnerabilities in both the physical and virtual arenas.

How does this affect the average user?

The inspection will be transparent to users, however, all personnel utilizing the Air Force Network must understand that they will have their computers inspected.

Some tips to ensure a success:

1) Restart your computer daily.

2) Remove ID cards from the computer system any time individuals leave sight of the system - even if only for a moment.

3) Be suspicious of any unknown emails from outside '.mil' sources that are unexpected, especially if they contain attachments.

4) Ensure SIPRNet monitors don't face windows or common hallways to restrict viewing by unauthorized personnel.

5) Properly store classified materials and equipment when they are no longer in use.

6) Implement clean desk policy.

7) If a computer is rarely utilized, turn it on so it can receive the proper security updates.

8) Know where (and how to use) the 87th Communications Squadron network incident reporting aid is located. (Hint: it should be a card located by your computer.)

The primary contribution JB MDL members can make to this inspection is to actively enforce and obey all traditional physical and computer security practices to properly guard classified information and correctly use all network systems.

Bottom line: don't drop your guard, even for a moment. Don't be the weakest link. In today's interconnected cyber domain a risk taken by one, is a vulnerability accepted by all.

Questions about what to do? Contact your local Information Assurance Officer for more information.

No comments:

Post a Comment