AVIANO AIR BASE, Italy --
"Even minutiae should have a place in our collection, for things of a seemingly trifling nature, when enjoined with others of a more serious cast, may lead to valuable conclusion."
When General George Washington first spoke those words, his intentions were to impress upon his soldiers that the protection of information was vital to a successful military campaign. He understood that discipline was needed to protect how information was relayed to the field in order to prevent accidental disclosure to the adversary. The discipline required to protect information has become more critical than ever due to our increasing reliance on cyberspace to achieve national military objectives.
With near instantaneous access to information through a variety of high-tech communications systems, today's military members are better equipped than ever to achieve their mission objectives. Unfortunately, as the accessibility of information increases, so does the potential for its loss, interception and compromise.
Whenever classified or sensitive information, be it in part or as a whole, is transmitted over an unsecured communications system, it has the potential to severely impact mission accomplishment. These data spillages, which are commonly known as Classified Message Incidents are often the result of inadequate procedures, shortcuts or untrained users who inadvertently introduce classified information to an unclassified communications network.
Typically, when classified information is sent on unclassified networks it sets into motion an extensive chain of events; it begins with the isolation of all systems and users, who have been exposed to the information. Depending on multiple factors, the extent of the spillage could easily affect hundreds of systems and users throughout the Department of Defense.
Once a spillage is identified, the timely notification and reporting is critical in mitigating the potential damages. Depending on the sensitivity of the information and the scope of the incident, failure to resolve the issue in an expedient manner could result in mission failure or the loss of lives.
The efforts required to contain a spillage are often substantial and can be measured in the thousands of dollars and hundreds of man-hours depending on the extent of the incident and whether a compromise of classified information has occurred. Fortunately, there are several simple steps you can take to prevent the accidental disclosure of classified information over communications systems.
· Ensure the communication systems being used are cleared to process at the same classification level of the information, or higher
· Avoid crossing security domains (i.e. classified to unclassified network) whenever possible to prevent accidental disclosure.
o If crossing security domains is necessary, ensure data is sanitized prior to transfer by following all applicable procedures and checklists. Contact your Unit Information Security Manager for guidance.
o Ensure the systems and or procedures have been thoroughly documented and approved in Certification & Accreditation packages for Cross-Domain Solutions.
· Remain cognizant of classification levels for the information you handle; most incidents occur simply from the memorization of data handled on a recurring basis however, the sensitivity is often forgotten when communicating the information with other interested parties.
· Ensure all output is labeled with the appropriate classification markings to prevent accidental disclosure.
· In the event a data spillage does occur, immediately contact your supervision and inform your local Information Assurance Officer, or the Wing Cyber Surety office, via secure communications for assistance.
Throughout the history of our nation, the need for discipline when protecting information has always been vital to successful military operations. As technology continues to advance, we must never forget that security must always come before convenience, especially when dealing with classified information. Every communications system user has the responsibility to know and understand how to apply the appropriate controls over the information they process. By taking the necessary steps to prevent accidental disclosure of information, we can ensure the continued integrity, availability and confidentiality of our communications networks and the information we use to accomplish our military objectives.