FORT CAMPBELL, Ky. -- Regional Network Enterprise Center -- Bluegrass Region officials at Fort Campbell are emphasizing the need for year round cyber security as the installation prepares for the upcoming Cyber Command Readiness Inspection.
The inspection will be conducted May 4-8 by the Defense Information Systems Agency in order make sure the Fort Campbell network complies with U.S. Cyber Command policies. The inspectors will be looking for trends and monitoring Fort Campbell's "cyber security posture in a snapshot," said Installation Information Assurance Manager Nikki Enwereuzor.
The Regional Network Enterprise Center team is always watching and here to help prevent cyber security slip-ups. With the inspection upcoming, RNEC officials spoke about some of the most common cyber security mistakes they encounter.
The most common mistake may seem minor to many Soldiers, Department of Defense civilians or contractors with access to the Fort Campbell network, but actually poses a great cyber security risk. People often leave their CAC cards unattended.
"Especially if they leave their computers logged on and then they walk off," Enwereuzor said. "It seems simple, but that obviously poses a security risk. Anyone can get on your computer and send out messages."
Other seemingly easily correctable mistakes include labeling media kept within offices, such as CDs, so they can be identified and secured properly if they contain classified or sensitive information. Personnel are also encouraged not to charge cell phones via their computer's USB port, as it has the potential to create a link between devices.
People should also monitor who comes in and out of buildings where classified information is contained and secure their files and computers accordingly.
"Obviously, we want to make sure people are aware of their surroundings, especially if you're in a classified environment," Enwereuzor said. "We go to a lot of buildings and people just let you in and they don't question who you are and let you walk around. You may have [paperwork that is considered For Office Use Only]; [or] classified [personally identifiable information] on your desk and that shouldn't be just left out there. "For the most part, those are things that people can do right off the bat to change the IT or security culture."
More than 100 on-post buildings have access to the SIPRNet, which is a network used to transmit classified information in a secured environment. As such, extra steps must be taken when accessing this network to ensure cyber security. Wireless devices, such as cell phones, are not allowed in the vicinity of the SIPRNet.
"A lot of people have SIPRNet capabilities, and they're not securing or treating that environment as if it's classified," Enwereuzor said. "So what we find typically when we walk around is unsecured SIPR. They're logged on to the SIPR and they're not anywhere around the vicinity."
Bill DeLong, IT security specialist at the RNEC, said SIPRNet access should be treated with care.
"We're trying to get the Soldiers and the customers to realize this is like a weapon system that they need to constantly maintain and be aware of," he said. "In reality, it is a weapon system because the information that you use can be used against our enemies. But it can also be used against us …"
With some 40,000 attacks on the government network each and every day, RNEC Cyber Security Division Chief Alfred B. Henderson said sometimes the biggest challenge to the Army is the insider threat -- whether it is the inadvertent leaving of CAC cards unattended or the more deliberate actions to release information by individuals such as Bradley Manning.
"Our biggest threat is inside threat ... the ones that have access to the network," he said. "This is why it's important that this campaign tell the user about the CAC card, unmarked items that [do not] need to be left unattended."
Enwereuzor warns that it is not only Fort Campbell personnel that can cause cyber security issues. For example, she cited a recent instance where an unidentified person called a Fort Campbell employee and asked about specific computer information out of the blue.
"Never give information to someone that you don't know, especially if it's related to the system," she said. "Those are ways that hackers do try to gain access onto the network."
In addition, personnel should report any computer malfunctions that are unusual, as well as make sure network computers remain virus-free.
"If you're clicking on Outlook and it's opening something else or that kind of stuff, those are things you definitely want to report right away," Enwereuzor said.
Cyber security extends outside the installation's gates to home computers and beyond.
"As vigilant as you are on the installation, you have to be that much and more outside," said Ada Jones, Cyber Security Division. "Not carrying on conversations that you have on post at Wal-Mart, 'hey did you see that memo yet?'"
Throughout April, Fort Campbell personnel are encouraged to complete their annual Army User Policy agreement as well as complete any required cyber security awareness training. For more information about cyber security at Fort Campbell, call (270) 798-5812.
The Fort Campbell network accommodates more than 20,000 users on about 90,000 devices, including computers, printers, scanners and more, Henderson added.
"Our primary objective is security," Henderson said. "Secure the government network from adversaries. Protect it. That's what we do and we try to do it the best we can with the tools we have and the resources we have.
"Everyone on this installation is cyber security, not just my division ... It's part of your responsibility as well."
Related Links:
101st Airborne Division on Twitter
Fort Campbell Courier on Twitter
101st Airborne Division on Facebook
Social Sharing