Cyber readiness inspection ahead

On behalf of U.S. Cyber Command, a Defense Information Systems Agency inspection team will conduct a Command Cyber Readiness Inspection here June 3 - 7.

Massive preparations are underway across the base, including compliance validation actions for 100-plus checklists.

A CCRI is the communications equivalent of a base operational readiness inspection. The CCRI focuses on a base's networks and supporting security practices.  The DISA team will review the base's computers, computer programs, servers, and traditional physical security to ensure they meet DOD security standards and inspect work centers for vulnerabilities.

Cyber security is everyone's responsibility.  For Eglin to be successful during this inspection, all network users must be knowledgeable and adhere to traditional physical security, information security and information assurance policies.

Some tips for all users to ensure inspection success:

• The unit cybersecurity liaison is a user's first line of defense - always consult the unit CL for computer related issues.
• Leave network computers powered on at night. Log off and reboot unclassified machines daily to ensure security update compliance. Reboot classified machines each Thursday.  
• Plug in and turn on SIPR computers every Tuesday through Thursday from 7 a.m. – 4 p.m.
• In areas that process classified information, documentation must be updated whenever equipment is moved, added, or removed.  Contact the unit CL for assistance.
• Ensure rooms and areas containing active communications equipment, such as switches and routers are locked. Only communications equipment should be in the communications closets.
• Properly label removable media and have proper classification markings on communications equipment (computers, monitors, phones, etc.) in a mixed environment.
• Verify security clearances.
• Properly safeguard classified systems.
• Pull CACs/token cards before leaving the computer. Never leave ID cards in a computer or on a desk, not even for a few seconds.
• Never write down usernames or passwords. Username/password security is just as important as CAC/PIN security.
• Sign-In/announce un-cleared personnel entering classified areas.
• Escort unauthorized personnel.
• Know how to identify and respond to a network security incident or classified message incident by using the network incident reporting aid.
• Do not pass any information, especially information on the critical information list, over unclassified means, whether it be phone, e-mail, Facebook, etc.
• Use document cover sheets and face your monitors away from doors and windows to prevent inadvertent disclosure of information.
• Never bring portable or wireless electronic devices within three meters (10 feet) of a classified system.
• Never plug any sort of electronic devices such as thumb drives, hard drives, portable media players or cell phones into a government owned machine unless the device has been approved through the unit CL.
• Know the unit security manager and unit CL. Report suspicious computer activity to the unit CL, security manager, or the 96th Communications Squadron at 882-COMM (2666).

For more information on keeping areas inspection ready, contact the unit cybersecurity liaison.