Whether Team Lee members realize it or not, the need for information security touches all aspects of their daily lives, on- and off-duty.
The statement is even truer in the current environment, observed Charles White, garrison security manager. Because of the pandemic, a lot of personnel are working from home. Usage of social media as a means of communication with troops and the community has dramatically increased. Virtual meetings made possible by electronic communication have become routine.
“Thanks to mandated annual training requirements, the government workforce has a pretty good handle on what needs to be done to protect classified information,” White confirmed. “What we need to ensure is that we’re paying equal attention to Controlled Unclassified Information, or CUI, not only because of our ‘new normal’ of conducting business remotely, but also because humans have always had a natural tendency to speak before they think, especially amid the hustle and bustle of their daily work and home lives.”
White is promoting conversation about the topic because October is National Security Awareness Month, an annual event that stresses the importance of protecting need-to-know and sensitive information throughout the Army. He said the messages shared during the awareness campaign need to be heard by all ranks and those connected with Fort Lee, including military family members who may be privy to information that is not meant to be shared with the public.
To protect CUI, the team has to know what falls into that category. A detailed listing would be exhaustive to read, so White broke it down this way. “What would give you an advantage if you were planning to do harm to Fort Lee personnel or its day-to-day operations?”
Things that fit into that category include personally identifiable information that would make someone more vulnerable to identity theft or coercion. White listed the following:
- Critical infrastructure: emergency management, physical security assessments
- Defense: controlled technical information
- Intelligence: operations security
- International agreements
- Law enforcement information: accident investigation, communications
- Legal: administrative proceedings, protective orders
- Privacy: health information, civilian and military personnel records, home addresses, etc.
Moving on to “defensive measures,” the Security Office offered the following tips:
- When using social media, always think about what exactly is being posted and who could possibly view it based on active security settings. Remind family members that their online activities could be monitored.
- When working at home, establish a secure environment to effectively safeguard CUI. Implement measures that limit or control access to the area; remove CAC every time you step away from your government computer; turn off cameras and microphones when they’re not needed for official business.
- Use screen protectors that limit others from “taking a peek” at your work.
- Follow standard procedures for handling PII. Do not take that info home unless your agency allows it.
- CUI should never be moved to or stored on personal systems.
- Personal email accounts should not be used to transmit official emails, particularly if they contain CUI.
- During conversations over commercial telephone lines, always remember that it’s not a secured transmission and remind others if they begin to share sensitive information.
- Finally – report all security violations, whether at home or in the workplace, thru your security manager and supervisor.
“Every member of the team must remain security and safety minded,” White reiterated. “I know it’s easy to let our guard down amid all the serious business of keeping people safe from COVID-19 and the distractions that causes at work and at home. Just remember that security is our business. We must protect ourselves just as we have sworn to protect our nation.”
Anyone with questions about or needing guidance concerning information security safeguards can contact the Garrison Security Office at 804-734-1569.