Preventing computer intrusion
By Erin Lewis, 22nd Air Refueling Wing Public Affairs
/ Published July 26, 2007
MCCONNELL AIR FORCE BASE, Kan. -- Computer security awareness has become a major issue as many functions have been integrated to computers to allow more accurate and timely processing of information, according to the 22nd Communications Squadron.
Computer security is the process of preventing and detecting unauthorized use of computers.
Government employees, including active-duty, Guard and Reserve members and Department of Defense civilians, are responsible for protecting military and personal information.
Information assurance includes the actions that protect and defend information systems by ensuring the availability, integrity, authentication, confidentiality and non-repudiation.
McConnell employees are required to take Information Assurance Awareness training before gaining access to base computers.
"Everyone has to get clearance, so they can gain access to the network," said Clint Walker 22nd Communications Squadron COMSEC manager.
"It gives everyone a broad knowledge about IA, so that even those people who don't know a whole lot about computers can know what to do; it's helpful to everyone," said Senior Airman Jennifer Moore, 22nd Communications Squadron Information Assurance.
The goal of IA awareness is to integrate information systems, security policy and practices into the Air Force culture and to minimize the opportunity for system compromise. IA awareness helps to ensure all personnel using the Air Force information systems understand the necessity and practice of safeguarding information processed, stored or transmitted on all these systems, according to Air Force Instruction 33-204.
Through conducting annual IA inspections, Airman Moore, said that people often do not realize the risk in leaving their computer access card unattended.
"Even though there is the time-out screensaver, someone can send out information, e-mails or upload information or viruses from or to your computer in the amount of time it takes to refill your coffee," she said.
"If the person is unaware that someone has accessed their computer, they are still liable because it was their card used in the act," Airman Moore said.
Some McConnell members have access to classified information via the computer, and are responsible for keeping that information secure at all times. In conjunction with IA, communications security handles classified information security.
The objective of COMSEC is to formalize and standardize the process to minimize the impact of classified message incidents, according to Air Force Instruction 33-201.
Communications security primarily issues materials to keep circuits and systems encrypted, so adversaries can't get and read McConnell's sensitive information, said Mr. Walker.
When a classified message incident is reported, it is immediately responded to, according to Mr. Walker.
"We don't get very many (incident) reports, but no matter what it is, someone will come out to take a look as soon as possible. We protect things the best we can, and we take it very seriously," said Mr. Walker.
"We are all human and we make mistakes. Awareness and educating individuals is the key in preventing incidents," he said.
The information assurance office offers these tips to safeguard your computer and prevent intrusions.
-Do not leave your computer access card unattended at any time.
-Keep Web browsing and file downloads to official business only.
-Watch computer monitor positioning in relation to high traffic areas.
-Do not auto-forward e-mails to a commercial address (AOL, Hotmail, etc.).
-Do not access a commercial e-mail account from a government system.
-Make sure the people in your unit know who these individuals are, and report any incidents to them:
Information system security officer (ISSO).
Client support administrator (CSA, formally known as work group manager).
Information assurance awareness program monitor (IAAP).