COMSEC: A "need to know" basis

  • Published
  • By Senior Airman Abigail Klein
  • 22nd Air Refueling Wing public affairs
MCCONNELL AIR FORCE BASE, Kan. --  
Every day, cyberspace hackers, criminal organizations and terrorists strike at Department of Defense computer networks, attempting to infiltrate DOD information systems by exploiting weaknesses.

At all military installations, including McConnell, the threat of adversaries permeating computer accounts is constant. To counter act these threats, the use of computer security awareness and information awareness is a daily requirement for Airmen.

"Statistically, there's always someone trying to probe the NIPR net (DOD unclassified networking)," said Clint Walker, 22nd Air Refueling Wing Information Assurance manager. "Whether maliciously or unintentionally, NIPR users can become hosts for passing sensitive information from their computing systems."

He said NIPR users can open access avenues for hackers by pulling information from Web sites on the public domain or opening e-mails from unidentified senders.

To prevent network infiltration, DOD requires all personnel who have access to the network to use of computer security, a process which formalizes and standardizes the security to minimize the incidence of network intrusion.

"Only authorized personnel are allowed access to the networks at McConnell in order to lock-down who has access to it," said Senior Airman Thomas Kear, 22nd Communications Squadron COMSEC accountant.

All McConnell employees (active-duty, reserve, Guard and civilian) are required to take Information Assurance Awareness training annually, before gaining or continuing access to the base network.

This training is designed to teach Air Force personnel how to protect integrated information systems and implement security policy and practices to help minimize system intrusion opportunities.

By applying the techniques taught in training, the users can help safeguard information processed, stored or transmitted by all Air Force networks, said Mr. Walker.

In addition to training, the Air Force offers all networks users a resource to prevent network intrusion. Information Assurance officers, are in charge of all users within their assigned sections.

This makes it easier for users to report any suspicious network activity, Mr. Walker said. They also provide answers to any software questions or report any other discrepancies in the network

"Often users won't know a discrepancy until it is too late," Mr. Walker said. "That is why it is really important to know who you're units appointed IAO is."

Other tips Mr. Walker recommends to avoid network infiltration include but are not limited to:
· Report any or all suspicious e-mails from questionable sources.
· Don't open any e-mails from unidentified sources. E-mail is the most common way that computer viruses are sent.
· Test the security of account passwords to ensure their integrity.
· Avoid pulling or downloading information from Web sites outside the NIPR net.
· The use of all thumb drives is unauthorized. Call the COMSEC office at 316-759-3046 to dispose of any questionable thumb drives.
· Know your section IAO.
· If something seems wrong with the network, report it. It can't be fixed unless it's reported to the IAO.
· Do not leave computer access cards unattended at any time.

Following these steps will help ensure the network integrity at McConnell and maintain COMSEC procedures.

In today's Air Force, we rely heavily on our computing systems to get the job done, Mr. Walker said. When people over step their boundaries on the network, it creates holes in the networks protection limiting our ability to get the mission done.