INFORMATION SYSTEM SECURITY
For Users of Classified Information Systems (IS)
Disclaimer
This briefing is generic in nature and should be used as a guideline for briefing System Users.

Overview
  • Acronyms
  • General Users
  • Responsibilities - All
  • Information System Security Policies
  • System Hardware and Software
  • System Maintenance
  • Passwords
  • Auditing
Acronyms/Definitions
  • FSO- Facility Security Officer
  • ISSM - Information System Security Manager
  • ISSO - Information System Security Officer
  • Closed Area - Allows unattended classified processing
  • Restricted Area - Allows attended classified processing
Acronyms/Definitions - cont’d
  • DSS - Defense Security Service
  • CSA - Cognizant Security Authority (i.e., DSS)
  • C & A - Certification and Accreditation
  • IATO - Interim Approval to Operate
  • IS - Information System
  • SSP - System Security Plan
  • DAA - Designated Approving Authority
Acronyms/Definitions - cont’d
  • NISPOM - National Industrial Security Program Operating Manual
  • CM - Configuration Management
  • PL1 - Protection Level 1
  • ISSP - Information System Security Professional
General Users
  • That’s YOU!!!
  • Individuals who can input, modify, or receive information from an IS
  • Individuals who have appropriate clearance, need-to-know and formal access approvals
  • Individuals who have been authorized system access by the ISSM/ISSO
Responsibilities - All
  • Ensure that you are:
    • Aware of your IS responsibilities
    • Accountable for your actions
    • Protecting your password to the highest classification level of the system and not sharing it!
    • Acknowledging, in writing, that you will protect the IS and all classified information
IS Policy and Procedures
Information System
Information System Security Plan
DOD 5220.22-M National Industrial Security Program Operating Manual
February 2006
ISSM
  • Designated by management
  • Responsible for all IS Security Education
  • Establishes, implements, monitors IS program and ensures compliance
  • Identifies threats (internal/external)
  • Ensures periodic self-inspections
ISSM - (cont’d)
  • Acknowledgement statements
  • Security features
  • Implementation of SSP
  • Maintenance procedures
  • De-certification
  • May be appointed by ISSM
  • May perform functions delegated by the ISSM
  • Ensure SSP accurately depicts operational requirements
  • Ensure unauthorized personnel are not granted access to an IS
  • Ensure system recovery processes restore security features
  • Ensure active user IDs are re-validated annually
Privileged Users
  • System Administrators
    • Users having “superuser” or “root”
    • Users having the ability to change other users’ access
System Hardware & Software
  • Authorization is required from ISSM/ISSO prior to installation
System Hardware
  • IS hardware must be examined prior to use for classified processing
  • Must maintain strict Configuration Management
  • ISSM must approve ALL configuration changes on classified systems
  • ISSO will verify all new hardware or software is accounted for in the SSP
System Hardware - cont’d
  • Labels
    • Highest, more restrictive Category
    • Unclassified hardware must be marked UNCLASSIFIED
System Hardware - cont’d
  • Hardware going in/out of controlled area
    • Must be approved!
  • Co-Located Systems -
    • Systems must be clearly marked
    • Users must be briefed and cautioned about LAN Contamination risks
Hardware Modifications
  • Approved by ISSM
    • Prior to installation or execution
  • Recorded in Maintenance Log
System Software
  • All software must be licensed and acquired from reputable and authorized sources only
    • Approved vendors, GFE, In-House developed
    • Personally-owned software is prohibited
    • Restriction on shareware, freeware, public bulletin board software and software from foreign sources
    • Must receive prior approval from ISSM/ISSO before loading on system
    • Does not apply to routine software upgrades already stipulated in approved SSPs (e.g., anti-virus signature updates)
System Software - cont’d
  • Software cannot be brought into the lab without being virus checked first
  • Anti-Virus signature files need to be kept current
  • Notify ISSM/ISSO immediately should an infection occur
  • DSS requirements:
    • Isolation and damage assessment prior to corrective actions
    • Contamination of classified systems requires notification to DSS
System Software - cont’d
Trusted Downloading: Copying Unclassified/Lower Level Files to Magnetic Media
  • This MUST be approved by DSS/ISSM first!
Check your Security Plan
    • Be aware of what is classified
    • Review files before and after copying
    • Be aware of the embedded data issue
    • Use a Government-approved utility
System Software - cont’d
    • DSS Marking Supplement
Media Controls & Marking
    • All Media in a Controlled Area Must be Marked
    • Open Shelf Storage – Case by Case
      • Must be approved by DSS (NISPOM 5-306a)
System Software - cont’d
  • Foreign Coded or Foreign-Owned Software
    • Research Origin of Software
    • Foreign software will only be considered if there is no comparable American-made package
    • Prior concurrence from DSS required on foreign coded packages
    • Provide ample time to allow DSS to research package
System Maintenance
  • All system maintenance must be pre-coordinated through ISSO or ISSM prior to occurring
  • Must use a cleared technician when at all possible
    • Briefed company technician
    • Briefed outside vendor technician
System Maintenance - cont’d
  • Uncleared Technicians
    • Use only as a last resort
    • Uncleared maintenance personnel must be US Citizens
    • Requires a technically knowledgeable “shoulder-to-shoulder” escort while in secure area
    • Prior sanitization of work areas as well as the systems in question
    • Use of dedicated, unclassified media for maintenance
    • If system has fixed internal drive, restrict access to all input and output devices
System Maintenance - cont’d
  • Diagnostic equipment may not be connected to system
Periods Processing
  • Separate Sessions
  • Different Classification Levels
  • Different Need-To-Know
  • Removable Media for each processing session
Who Should Be Notified When?
  • Any equipment changes from the security profile
    • ISSM
  • Software upgrades
    • ISSM
  • Changes to the access list
    • ISSO
  • Discrepancies with procedures
    • ISSM
  • Abnormal events
    • ISSM & ISSO
  • Detect viruses
    • ISSM & ISSO
Who Should Be Notified When? cont’d
  • Equipment not functioning
    • ISSO & ISSM
  • Equipment requiring sanitizing
    • ISSO & ISSM
  • Suspicious use of the systems (usually associated with
    • ISSO & ISSM
  • Visitors not being escorted
    • ISSO & ISSM
  • When someone no longer needs access to the system
    • ISSO
Audit Records
  • All audit records should include enough information to allow the ISSM/ISSO to determine…
    • date and time of action
    • system locale of the action
    • system entity that initiated or completed the action
    • resources involved
    • action involved
  • Protect the contents of audit trails against unauthorized access, modification or deletion
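As an added illustration that is not part of the original briefing, the following Python checks that each audit record carries the five items listed above and uses a SHA-256 hash chain so that modification or deletion of records is detectable. The field names, the hash-chain approach and the sample records are assumptions made for this example.

```python
import hashlib
import json

# The five items the briefing says an audit record must let the ISSM/ISSO determine.
# The key names are assumptions made for this example.
REQUIRED = ("timestamp", "locale", "entity", "resources", "action")
GENESIS = "0" * 64  # chain value that precedes the first record

def missing_fields(record):
    """Return the required fields that are absent or empty in one record."""
    return [f for f in REQUIRED if not record.get(f)]

def _digest(prev, record):
    # Hash only the audited fields, bound to the previous chain value.
    body = json.dumps({f: record.get(f) for f in REQUIRED}, sort_keys=True)
    return hashlib.sha256((prev + body).encode()).hexdigest()

def seal(records):
    """Return copies of the records, each carrying a hash chained to its predecessor."""
    prev, out = GENESIS, []
    for rec in records:
        prev = _digest(prev, rec)
        out.append({**rec, "chain": prev})
    return out

def verify(sealed, expected_tail=None):
    """Return the index of the first record that breaks the chain, or None if intact."""
    # expected_tail is the last chain value, stored where the log writer cannot
    # reach it; without it, records removed from the end go unnoticed.
    prev = GENESIS
    for i, rec in enumerate(sealed):
        prev = _digest(prev, rec)
        if rec.get("chain") != prev:
            return i
    if expected_tail is not None and prev != expected_tail:
        return len(sealed)
    return None

# Constructed sample records, not taken from any real system.
SAMPLE = [
    {"timestamp": "2006-02-28T09:14:02Z", "locale": "LAB-2/WS-07", "entity": "jdoe",
     "resources": ["/data/report.doc"], "action": "file_open"},
    {"timestamp": "2006-02-28T09:15:40Z", "locale": "LAB-2/WS-07", "entity": "jdoe",
     "resources": ["removable-media-01"], "action": "media_write"},
    {"timestamp": "2006-02-28T09:20:11Z", "locale": "LAB-2/WS-07", "entity": "",
     "resources": ["/data/report.doc"], "action": "file_delete"},
]
```

The third sample record is reported as incomplete because its initiating entity is empty, and editing or dropping any sealed record changes the index returned by `verify`.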
Passwords
  • Minimum 14 Characters
  • Classified to the highest level of the system
  • Changed every 90 Days
  • Changed when compromised
  • Automated generation when possible
Passwords - cont’d
  • If User Generated:
    • no dictionary words
    • mix upper and lower case
    • no blanks
  • Examples:
    • fly2high
    • Bigb&sRHip
Clearing and Sanitization
  • Printers
    • Print one page (font test) then power down
Computer Incidents
  • Don’t touch or delete anything!
  • Notify ISSO/ISSM as soon as possible
  • ISSO/ISSM will perform a preliminary investigation of the incident
Computer Incidents - cont’d
  • FSO will notify DSS
  • ISSM will provide a solution to DSS on how to best resolve the situation
Public Disclosures
  • Classified information appearing in the public media, publications or other sources remains classified.
  • Individuals are not relieved of their obligation to maintain the secrecy of such information and are bound by the Non-Disclosure Agreement signed during their indoctrination.

When responding to questions about the Company or other Company sites, including those released through radio or TV, newspapers, magazines or trade journals, you should neither confirm nor deny information found in public sources. Questions should be referred to your local Security Office or to the appropriate Public Relations Office.

  • Security is everyone’s responsibility!
    • You are in the trenches and can help us by being our eyes and ears to what is going on in the facilities
    • Let’s work together!