PITTSBURGH INTERNATIONAL AIRPORT AIR RESERVE STATION, Pa. -- The Defense Information System Agency is the Department of Defense’s manager of the Global Information Grid for all branches of the military.
DISA ultimately manages all of the DOD’s information systems, said Brian Barnes, network administrator with the 911th CS. In an effort to harden both cyber and physical security the DOD has directed Command Cyber Readiness Inspections to take place in order to review the base compliance with DOD directives. This inspection is being conducted on every base around the Air Force.
When the 911th CS completed the CCRI August 15-19, 2016, they passed with flying colors and few security vulnerabilities.
Leslie Vish, local area network manager with the 911th Communications Squadron said that while preparing for the inspection, his team paid extremely close attention to details.
“We were also able to reach out to other bases to see how they were inspected,” said Barnes. “We gathered the information and everybody really worked hard to make sure every one of those inspected areas, especially ones where there were problems for other bases, were shored up.”
Tech. Sgt. David Gross, network administrator with the 911th CS, said that in preparation for the inspection the team was very aggressive at handling issues that came up.
“We had to be proactive instead of reactive,” said Gross. “I don’t think there are too many people in this unit who are afraid to speak up when something’s wrong, and are willing to do what needs to be done to make it right, no matter what’s in the way.”
Major Bennett Reid, director of communications with the 911th CS, said that he was extremely proud of the members of his squadron.
"They put forth a lot of time and effort, and a lot of the things they do behind the scenes goes unnoticed, but I think a lot of them want it to be that way," said Reid. "This inspection was not easy to pass and when I arrived here in January we had to figure out how to prepare for this inspection with little to no direction. A lot members stepped up and were able to overcome the difficult challenges.”
When the team of five inspectors came in, the 911th CS was ready for them. Vish said the inspectors could have pulled the cloak off of anything to inspect it, and everything was all in place. Physical security was squared away, the network was prepared for thorough remote scans, and a massive checklist, prepared by Brenda Mitchell, chief of plans and programs, awaited them so they could determine what they wanted to inspect on the network. Vish said the report was so thorough the inspectors didn’t need to look very hard.
“If you treat them like they’re here to help you, then they will,” said Vish. “If you treat them like they’re outsiders and interfering with your activities, they will burn you.”
While preparation and attention to details were vital to passing this inspection, a major part was the ability to make quick decisions. Dean Kenley, configuration manager with the 911th CS, said there were times when his team was required to make decisions on the fly, and being prepared definitely helped.
“I really appreciate the base populous,” said Barnes. “They really stuck it out and worked with us. We know it was rough at times. Some of the changes impacted their operations, but they all rolled with it.”
Thanks to the hard work of the 911th CS and base personnel, the 911th Airlift Wing received an “Excellent” on the CCRI. But security isn’t just about passing inspections. Here are a few tips from CS to keep both physical and cyber security in check at all times:
-Restart your computer at the end of every duty day. There is no need to shut it down, because the computer will automatically time out after a set amount of time.
-If you take a computer home, make sure it gets plugged back into the network when you’re back on base so it can get the updates it missed.
-Make sure that laptops not in use are plugged into the network at least monthly. Seven days puts it out of compliance for antivirus and after a month it will fall off of the domain, so the more frequently the laptop is plugged in the better.
-Pull your Common Access Card out of the computer when you leave your workspace.
-Never plug any unauthorized equipment such as phone chargers or flash drives into a network computer.
-Keep all sensitive information locked away and under cover.
“The only other thing for the base to understand is that there are reasons for everything the CS does,” said Gross. “This wasn’t just an Air Force Reserve Command thing or an Air Force thing. This was DOD. These were the big dogs that came in here.”