Discipline and vigilance keys to information protection

by Senior Airman Amanda Dick
Ramstein Public Affairs

In the cyberspace age, protecting information should be a priority for every member associated with the military.

The Air Force’s annual information protection training defines information protection as “the collective policies, processes and implementation of risk management and mitigation actions instituted to prevent the compromise, loss, unauthorized access/disclosure, destruction, distortion or non-accessibility of information, regardless of physical form or characteristics, over the life cycle of the information.”
Two issues users should be especially vigilant of are information discipline and software exploits.


Information discipline
“The discipline required to protect information has become more critical than ever due to our increasing reliance on cyberspace to achieve national military objectives,” wrote Tech. Sgt. Scott Sheldon, 31st Fighter Wing Information Assurance Office non-commissioned officer in charge of IA at Aviano Air Base, Italy, in a recent article.
As the ability to access information increases, so does the potential for information to become lost or compromised.

“Compliance with Information Assurance policy and directives ensures appropriate measures are taken to guarantee the availability, integrity and confidentiality of Air Force information systems and the information they process,” said Tech. Sgt. Cory Cross, Ramstein Information Assurance assistant non-commissioned officer in charge of IA. “Using appropriate levels of protection against threats and vulnerabilities helps prevent denial of service, corruption, compromise, fraud, waste and abuse.”

Sergeant Cross gives some tips to help protect information against threats.
• Users should not share their Common Access Card personal identification numbers or passwords
• Users should protect passwords at the same classification level as the information systems they grant access to
• Users should always lock workstations that will be unattended and use a secure screen saver
• Users should be aware of their surroundings and their individual work areas to prevent casual viewing of information by unauthorized people.

Software exploits
A recent Ramstein Information Assurance tip stated “official reports show that as much as 40 percent of software in use today is not licensed properly.”
Unlicensed or unauthorized software poses a threat to information that should be protected.

“Software exploits take advantage of bugs or vulnerabilities in software and use them to cause unintended behavior on computer systems,” Joshua Neate, 39th Air Base Wing Information Assurance Office chief of IA at Incirlik Air Base, Turkey, wrote recently in an article.

Mr. Neate further explains the best way to prevent software exploits is to only install Air-Force-approved software from or in transition to the Air Force Electronic-Approved Products List.

This approved software helps prevent against threats infiltrating the networks users work on.

“The Air Force Communications Agency has conducted due-diligence testing for all approved software to ensure the software does not pose threats or vulnerabilities to the Air Force network,” Sergeant Cross said.

The assistant non-commissioned officer in charge went on to say why it is so important for users to only used approved software.

“Unauthorized software has not been tested and could possibly create network vulnerabilities or provide backdoor access to unauthorized
individuals,” he said.

Because of new and constant threats to cyberspace, it is every member’s responsibility to make sure they protect the information on their government systems through discipline and vigilance.