U. S. Air Forces in Europe Directorate of Communica-tions and Information is implementing a new network login process July 23 to increase network security compliance throughout the command.
The login process includes a key feature to ensure every network computer is free from known vulnerabilities and compliant with all Air Force required security patches, according to computer security officials here.
“It’s a whole new approach to ensuring compliance across the command – every network user needs to start thinking ‘compliance before connectivity.’ We’re all responsible for securing our Air Force data,” said Linda Killman, USAFE A6 information assurance specialist.
When a user logs on to the network, their computer system is checked for compliance to all the current security and software patches, she said.
Once the new login process is in place, if the user’s computer is missing a patch, a pop-up screen will be activated during the login process that details which patches are missing, followed by a suspense date it must be fixed by, said Ms. Killman.
“When the user gets the new pop-up screen they can’t ignore it. It means they must take some type of action,” said Ms. Killman.
“Compare it to the engine or oil indicator light in you car. You wouldn’t continue to drive it without getting it checked,” she said. “So, I guess you could say we’ve installed warning light indicators to let you know when it’s critical to stop and call an expert.”
If a network user receives the new pop-up screen, identifying their computer as non-compliant, Ms. Killman said they should contact their unit’s work group manager or system administrator. In most cases the user, with their system administrator’s assistance, will have two weeks to get the computer in compliance. If it isn’t fixed by the suspense date, they will be locked out of the network.
USAFE is the first major command to be implementing a system like this.
“Spangdahlem (Air Base, Germany’s) communication squadron developed the concept. It was identified as a best practice during an information assurance inspection,” said Ms. Killman.
The USAFE Network Operations Security Center took the concept and created a comprehensive compliance strategy to standardize the process across the command.
“We tested it within our own community, first at USAFE A6 and at USAFE Computer Systems Squadron and then at all the communication squadrons in the command,” said Ms. Killman.
She added that base-level network control centers and work group managers at every unit have been working hard to prepare for this effort.
Ms. Killman said they ran into some problems but were able to work out the bugs.
“Even though we have tested the new login, we know every functional community is a little bit different so we’re prepared to work through the issues with them,” she said. “We’re extremely optimistic, eliminating the vulnerabilities is worth the bumps we’ll have to take in the beginning.”
Although there will be variations between USAFE bases, the new process is an important aspect of computer security.
“Getting information to the right place at the right time is critical to USAFE’s ability to execute its missions,” said Lt. Col. Joyce Farah, USAFE CSS commander. “It only takes one system to compromise an entire network and potentially a mission.”
Not every user will see the new pop-up screen, but the new feature will be running behind scenes on every workstation, testing for compliance. A pop-up screen indicates non-compliance, so in this case Ms. Killman said, “no news is good news.”