FORT LEE, Va. – Whether Team Lee members realize it or not, the need for information security touches all aspects of their daily lives, on- and off-duty.
Think about the time spent on the phone or participating in teleconference meetings over commercial communication systems. Teleworking – requiring people to login to government networks remotely – has become standard practice, mostly necessitated by the threat of COVID-19. The use of social media as a means of communication with troops and the community has dramatically increased as well.
All of the aforementioned factors, as well as the Controlled Unclassified Information, or CUI, most government workers have access to on a daily basis, make constant awareness of information security a necessity, observed Garrison Security Manager Charles White.
October is National Security Awareness Month, and efforts are underway to underscore its theme “Include Security.” The campaign encourages community members to give thought to daily information protection habits and ensure they meet the expectations outlined in the Security Awareness Training that is an annual requirement for federal workers.
“Thanks to the mandated training, the government workforce has a pretty good handle on what needs to be done to protect classified information,” White confirmed. “What we need to ensure is that we’re paying equal attention to CUI, not only because of our ‘new normal’ of conducting business remotely, but also because humans have always had a natural tendency to speak before they think, especially amid the hustle and bustle of their daily work and home lives.”
White said the messages that should be voiced by leaders during the awareness campaign need to be heard by all ranks and those connected with Fort Lee, including military family members who may be privy to information that is not meant to be shared with the public.
To protect CUI, the team has to know what falls into that category. A detailed listing would be exhaustive to read, so White broke it down this way. “What would give you an advantage if you were planning to do harm to Fort Lee personnel or its day-to-day operations?”
Things that fit into that category include personally identifiable information that would make someone more vulnerable to identity theft or coercion. White also listed the following:
· Critical infrastructure: emergency management, physical security assessments
· Defense: controlled technical information
· Intelligence: operations security
· International agreements
· Law enforcement information: accident investigation, communications
· Legal: administrative proceedings, protective orders
· Privacy: health information, civilian and military personnel records, home addresses, etc.
Moving on to “defensive measures,” the Security Office offers the following tips:
· When using social media, always think about what exactly is being posted and who could possibly view it based on active security settings. Remind family members that their online activities could be monitored.
· When working at home, establish a secure environment to effectively safeguard CUI. Implement measures that limit or control access to the area; remove CAC every time you step away from your government computer; turn off cameras and microphones when they’re not needed for official business.
· Use screen protectors that limit others from “taking a peek” at your work.
· Follow standard procedures for handling PII. Do not take that info home unless your agency allows it.
· CUI should never be moved to or stored on personal systems.
· Personal email accounts should not be used to transmit official emails, particularly if they contain CUI.
· During conversations over commercial telephone lines, always remember that it’s not a secured transmission and remind others if they begin to share sensitive information.
· Finally – report all security violations, whether at home or in the workplace, thru your security manager and supervisor.
“Every member of the team must remain security and safety minded,” White reiterated. “I know it’s easy to let our guard down amid all the serious business of troop training, supporting Operation Allies Welcome and keeping people safe from COVID-19. Just remember that security is our business. We must protect ourselves just as we have sworn to protect our nation.”
Anyone with questions about or needing guidance concerning information security safeguards can contact the Garrison Security Office at 804-734-1569/6066. Look for additional security awareness tips on the Sisisky Gate digital sign and the poster displays placed around Fort Lee.
“Security is a team effort,” White said in closing. “Your diligence in promptly reporting concerns and adhering to your agency’s security policies and procedures will ensure the integrity of national security. As a team, we can protect our war-fighters, colleagues and families from potential harm. We need to apply a renewed focus on ‘Including Security’ in everything we do.”