JBSA-Lackland prepares for command cyber readiness inspection

  • Published
  • By Lt. Col. Christopher M. Waddell
  • Commander, 502nd Communications Squadron

Joint Base San Antonio-Lackland will undergo a Command Cyber Readiness Inspection, or CCRI, as an inspection team from the Defense Information Systems Agency will conduct a thorough evaluation of all network systems from Feb. 28 to March 11.

The main focus of the inspection will be on the Nonsecure Internet Protocol Router Network, or NIPRNet, the Secret Internet Protocol Router Network, known as the SIPRNet, and supporting traditional security practices.

The agency will inspect work centers, looking for adherence to standards and will also check JBSA-Lackland’s technical and information systems for vulnerabilities.

In addition, DISA will inspect technical and operational adherence to the Department of Defense standard practices and policies, which include secure and non-secure cybersecurity network compliance and physical security practices.

In order to ensure JBSA-Lackland passes the inspection successfully, every unit and network user has a responsibility for being knowledgeable on proper cybersecurity, traditional security and physical security practices.

Commanders and senior civilian leaders at all levels within their organizations are asked to check and re-check that these standards are being adhered to – down to the individual user – to ensure awareness and compliance with cybersecurity measures.

The following are some tips network users can follow to ensure compliance success:

Cyber Security

• Read your Acceptable Use Policy, or AUP. As users of the Air Force network, you sign an AUP when first being allowed access to any Air Force network. It contains all the basics you need to know to keep you compliant when using Government computer systems. Mobile device users are required to sign an additional AUP tailored for the device usage.

• At the conclusion of the business day, log computers off the NIPRNet system and restart the computer to ensure security patch compliance.

• Power on and log in to SIPRNet systems during mandatory SIPRNet “uptime” periods as established by the 502d Communications Squadron. Staying connected during the entire period is essential to systems getting the required updates.

• Do not pass any information, especially critical operational traffic, over unclassified communications, such as phone, email, Facebook, etc.

• Remove Common Access Cards, SIPR tokens and secure all SIPR hard drives prior to leaving computers unattended.

• Do not plug unauthorized electronic devices, like thumb drives, hard drives, portable media players or cell phones into a government NIPRNet or SIPRNet computer system unless you have an approved exemption letter.

Traditional Security

• Know who your unit security managers, information protection officers and information system security officers are and how to contact them.

• Verify security clearances and escort unauthorized personnel.

• Properly safeguard classified systems to include proper completion of applicable Standard Form 700 (security container information), SF 701 (activity security checklist) and SF 702 (security container check sheet).

• Use proper document cover sheets and face your monitors away from your doors and windows to eliminate viewing by unauthorized personnel.

• Properly label disc media and have proper classification markings, such as a Department of Defense Form 2056 (telephone monitoring notification decal) on communications equipment like computers, monitors, phones, etc., in a mixed environment.

• Know how to identify and respond to a network security incident or negligent disclosure of classified information.

• Never bring portable or wireless electronic devices within three meters of a classified processing system.

• Ensure all Common Access Cards and SIPRNET tokens are not left unattended in personal computers. They must be with you at all times.

For more information or assistance on keeping your areas inspection ready, contact your unit’s security manager or your unit ISSO.

For Communications Focal Point support, call 210-925-2666 or email 502cs.cfp@us.af.mil.