2. Overview NISPOM paragraph 3-107 requirement states that as contractors we are required to provide all cleared employees with at least annual security education and training.
The following topics will be covered:
Overview of Clearance Information
For Official Use Only (FOUO)
Need-to-know
Security Classification System
IT Security
End of Day Checks
Destruction
Reporting Requirements
Threat Awareness
Updated Procedures
3.
Some employees or consultants at TSC have been granted a personnel security clearance. This clearance is a privilege, not a right. It is the responsibility of each individual to maintain continued access to classified, Privacy Act, or For Official Use Only information.
TSC is a DOD Top Security cleared facility with Secret safeguarding.
TSC personnel can have the eligibility for access up to the Top Secret level.
TSC facility is able to store classified material at the Secret level.
4. Classified Information Nondisclosure Agreement�(SF312) All persons authorized access to classified information are required to sign a nondisclosure agreement as a condition of that access.
The SF312 is a contractual agreement between the US Government and you.
The primary purpose of the SF312 is to inform you that:
A special trust has been placed in you
This agreement is binding upon you for life
You are responsible to protect classified information for unauthorized disclosure; and,
There are serious consequences for not complying with the terms of this agreement.
5. Levels of Classified Information Top Secret- Release of this material could GRAVELY damage national security.
Secret- Release of this material could SERIOUSLY damage national security.
Confidential- Release of this material could DAMAGE national Security.
Types of National Security Information
NATO
Restricted Data (RD)
COMSEC
FOUO
NOFORN
May require additional briefing(s).
6. For Official Use Only (FOUO)
FOUO Information is prohibited from transmitting via computer communications. Unless, it has been approved in the contractual requirement.
Never leave these documents lying around on printers or in conference rooms.
Don’t forget to remove any FOUO data off of a whiteboard.
Protect this information with steps to minimize the risk of access to unauthorized personnel.
7. Need-to-Know
In addition to having a clearance, you must have a “need-to-know” for accessing classified information.
Need-to-know is defined as: “a determination by an authorized holder of classified information that access to the information is required by another appropriately cleared individual to perform official duties” Executive Order 12958.
It is your personal responsibility to know that the person you are dealing with is both properly cleared and has a need to know.
Never reveal or discuss classified information with anyone other than those that are properly cleared and have a need to know.
8. Classified Information Must never be left unattended.
Never be discussed in public places.
Must be discussed on STE or STU III telephone or sent via secure fax. (8th floor office next to safe room)
Received and transmitted thru Security.
Must be under control of an authorized person.
Stored in approved storage container or closed area.
If working on classified in office the door must remain shut with the Restricted Area sign posted and blinds down.
Must never be processed on your computer unless approved by the US Government.
9. Classified Markings Requirements Identification Markings- Name and address of contractor responsible for its preparation, and the date of preparation.
Overall Markings- Highest level of classified information contained and marked on the top and bottom of the outside of the front cover and outside of the back.
Page Markings- Interior pages marked at the top and bottom with highest level of classification. If all the information is unclassified it must be marked unclassified.
Portion Markings- Each section, part, paragraph, or similar portion shall be marked to show the highest level of its classification, or that the portion is unclassified.
Subject and Title Markings- Unclassified subjects and titles shall be selected for classified document, if possible.
10. Markings for Derivatively Classified Information Derived From- links the derivative classification applied to the material by us (the contractor) and the source document(s) or classification guide(s) under which it was classified.
When phrase “multiple sources” is used, the records must be maintained and may take the form of a bibliography.
If source document itself is marked “Multiple Sources” specifically identify the source document by author, date, and subject on the “Derived from” line.
Downgrade To- When downgrading instructions are contained in the Contract Security Classification Specification, classification guide or source document the “Downgrade To” line should be included.
Declassify On- Mark with the declassification instruction from the source document that requires the longest period of classification.
If source is marked “OARD” or “X1 through X8” use example: Declassify On: January 1, 2028 Source Marked X1 Dated January 1, 2003
“Declassify On” should not exist if material contains RD or FRD
11. IT Security Each user must be briefed on Classified IS procedures before they will be given an account.
Each user will receive a re-briefing at least once a year.
Each user much has a user account with a password (8 character complex).
Users may not share accounts or passwords with other users.
A user must notify the ISSM/ISSM as soon as they no longer need access to an account.
12. End of Day Checks Each cleared individual at TSC is responsible for conducting the end of day checks.
Remember to have someone cover the days you will not be on-site at TSC.
In cases of emergency situation the end of day checks may not be completed.
If an emergency arises and you are working on classified material, do your best to store in an approved storage container before exiting. In some cases this may not be possible if not adapt to the situation and report the steps you took to protect this material to the security officer.
13. Destruction All FOUO and Privacy Act Information should be placed in the Shred-It bins for destruction.
All Classified Information should be shredded in the approved shredder located in the 6th floor safe room or place in the destruction boxes in CA-6 or CA-4. No other methods should be used!
Working papers must NOT retained for more than 180 days from creation for Secret and Confidential material.
Safes will be inventoried periodically, at least every 6 months, to eliminate mass destructions and keep minimal retention of classified material.
14. Reporting Requirements Change of: Name, Marital Status, Citizenship, Cohabitation
Adverse Information: criminal activities, treatment of mental or emotional disorders, excessive use of intoxicants, use of illegal controlled substances, excessive indebtedness or recurring financial activities
Exploitation by the intelligence services of another country
Loss, compromise, or suspected loss of compromise of classified or proprietary information.
Unlocked security container
Foreign Influence: Immediate family or in-laws take up residence or citizens of a foreign country.
Suspicious Contacts
Foreign Travel
Termination of Employment
15. Hotline Reports �
16. Security Violations A security violation or infraction is any breach of security regulations, requirements, procedures or guidelines, whether or not a compromise results.
No matter how minor, any security violation or infraction must be reported immediately to the security officer so that the incident may be evaluated and appropriate action be initiated.
Although accidental and infrequent minor violations do happen, deliberate or repeated failure to follow the security rules is definitely not.
Get familiar with your security responsibilities. Ignorance does not excuse you from disciplinary action, termination, or criminal prosecution should an infraction/violation occur.
17. Threat Awareness The FBI believes that nearly 100 countries are now running economic espionage operations against the United States.
Economic Espionage is (1) whoever knowingly performs targeting or acquisition of trade secrets to (2) knowingly benefit any foreign government, foreign instrumentality, or foreign agent. (Title 18 U.S.C, Section 1831)
How to Protect Our Business
Recognize there is a real threat.
Identify and valuate trade secrets.
Implement a definable plan for safeguarding trade secrets.
Secure physical trade secrets and limit access to trade secrets.
Confine intellectual knowledge.
Provide ongoing security training to employees.
18. The Spying Game�Tricks of Today’s Trade Know What Spies Want
The inside skinny on our government’s policies and intentions towards their country
Details on U.S. military plans and weapons systems
Our nation’s best scientific and technological innovations and research, both public an private.
Cutting edge U.S. management practices.
Know Their Favorite “Disguises”
Representatives at supposed “research institutes”;
Visiting business professionals and scientists;
Tourists or visitors on non-immigrant visas;
Diplomatic officials, the standard cover;
False front companies; and
Students and educators.
19. Continued Tricks of the Trade Know Their Collection Strategies
Out of the blue, you get a call asking for the latest manual for one of your products. Or someone shows up unannounced at your plant and asks to buy large quantities of your electronics. The end game? They dissect your products and then go out and start producing the technologies themselves.
Foreign intelligence operatives strike up a relationship with a business professional, tourist, diplomat, expatriate, or student visiting their country. At first, it’s a purely social relationship. But then it slowly turns to talk of what that person may know. In some cases, that person may end up selling vital secrets for cash. �
A series of university students and professors from overseas take jobs in research labs on campus and get involved in related military projects. Individually, they learn only bits and pieces. But collectively, when they pass that information back to their home country, it paints a telling picture of our country’s defense initiatives.
You hire a foreign-born engineer who has been educated in this country. Over a 10-15 year period, she rises to mid-level management. Then, she returns to her home country—where she gets paid by that government to set up a business that competes with yours.
20. Updated Security Practice & Procedures Perimeter Alarm Procedures
Visitors
ID Badges
Closed Area Procedures
Badge/Visit Access Request Procedures
Electronic Questionnaires for Investigations Processing (e-Qip)
21. Recap Clearance Information
For Official Use Only (FOUO)
Need-to-know
Security Classification System
IT Security
End of Day Checks
Destruction
Reporting Requirements
Threat Awareness
Updated Procedures
22. Questions? Thank You!
23. Security Awareness Briefing�Acknowledgement Certificate I hereby certify that I have received a Security Awareness Briefing.
I acknowledge that it is my responsibility to read and adhere to these requirements.
Name:_____________________________________ Date:____________
Signature:__________________________________
