JOINT BASE ANDREWS, Md. –
The 744th Communications Squadron is preparing for the Command Cyber Readiness Inspection, scheduled for July 13-17.
The biennial inspection conducted by the Defense Information Systems Agency assesses the compliance status and operational readiness of the base non-secure internet protocol router and secure internet protocol router networks.
It also inspects traditional and physical security of base facilities.
"This includes inspecting work centers for adherence to standards as well as checking the base's networks and information systems for vulnerabilities," said Lt. Col. Pamella Zane, 744 CS commander. "DISA will also look at the base's technical and operational adherence to Department of Defense standard practices and policies, which include NIPR and SIPR network compliance, physical security and information assurance practices."
During the CCRI, there should be minimal impact to the average end-user. Users may experience latency or other delays in reaching network resources as vulnerability scanning is conducted by the inspectors.
"What you may not realize is, just like a unit compliance inspection or operational readiness inspection, all personnel who use AFNet, NIPRNet or SIPRNet play a critical role in the preparations and ultimately the overall score JBA receives," Zane said.
The following tips will assist JBA through the CCRI:
· Log off and reboot your NIPR machine daily to ensure security patch compliance; do not just pull your Common Access Card and remain logged in.
· Power on and log in to SIPR machines during mandatory uptime periods; staying connected during the entire period is essential.
· Properly label disc media and have proper classification markings on communications equipment (computers, monitors, phones, etc.) in a mixed environment.
· Follow proper operational security guidelines
· Do not leave your CAC in the card reader when you are away from your computer; pull your CAC to lock your workstation.
· Always digitally sign messages with hyperlinks and attachments.
· Be cautious of phishing attempts when receiving emails with links and attachments that are not digitally signed.
· Properly safeguard classified systems
· Do not pass any information, especially information on the Critical Information List over unclassified means, whether it be phone, e-mail, Facebook, etc.
· Know how to identify and respond to a network security incident or classified message incident by using the orange Computer Emergency Quick Response Aid.
· Know your unit security manager and Information Assurance Officer.
· Never plug any sort of electronic devices like thumb drives, hard drives, portable media players or cell phones into a NIPR or SIPR machine unless you have an approved exemption letter.
Additionally, inspectors will visit base facilities to assess physical security and may conduct interviews of unit personnel. If questioned by an inspector, refer them to the unit information system security officer or to 744 CS.
"Success will only be reached through consistent adherence to standards and a culture of accountability," Zane said. "The time to be concerned with cyber security is ALWAYS!"
If you have questions or concerns about the CCRI, contact your unit information assurance officer or 744 CS at (301) 981-0273.