Information Assurance essential for cybersecurity

Information Assurance essential for cybersecurity

Information Assurance, or IA, education is important for keeping Hill Air Force Base’s military and civilian workforce up to speed in the constantly evolving cyberspace environment.

IA is a critical piece of cybersecurity, which encompasses computer security, communications security and emissions security. All network users are required to complete information assurance training annually for continued access to the network.

The following IA measures serve as a reminder to users in guarding against malicious activity toward DOD’s information networks:

Situational awareness tips

To avoid being targeted by adversaries: 

• Remove your security badge after leaving your workstation 

• Don’t talk about work outside your workspace unless it is a specifically designated public meeting environment and is controlled by the event planners 

• Even inside a closed work environment, be careful when discussing classified or sensitive information, such as PII or PHI, as people without a need-to-know may be present 

• Avoid activities that may compromise situational awareness 

• Be aware of people eavesdropping when retrieving messages from smartphones or other media 

Social engineering tips 

Social engineers use telephone surveys, email messages, websites, text messages, automated phone calls and in-person interviews. To protect against social engineering: 

• Do not participate in telephone surveys 

• Do not give out personal information 

• Do not give out computer or network information 

• Do not follow instructions from unverified personnel 

• Document interaction: 

— Verify the identity of all individuals 

— Write down phone number 

— Take detailed notes 

• Contact your security POC or help desk 

• Report cultivation contacts by foreign nationals 

Insider threat tips 

Insider threats are threats from people who have access to the organization’s information systems and may cause loss of physical inventory, data and other security risks. To protect against the insider threat: 

• Be alert to and report any suspicious activity or behavior 

• Be alert to and report potential security incidents 

Identity theft tips 

Social engineering can result not only in the disclosure of sensitive government information, but also in identify theft. To protect your identity: 

• Ask how information will be used before giving it out 

• Pay attention to credit card and bank statements 

• Avoid common names or dates for passwords and PINs 

• Pick up mail promptly 

• Shred personal documents 

• Refrain from carrying SSN card and passport 

• Order credit report annually 

To respond to identity theft if it occurs: 

• Contact credit reporting agencies 

• Contact financial institutions to cancel accounts 

• Monitor credit card statements for unauthorized purchases 

• Report crime to the local law enforcement 

Tips for teleworking 

• Obtain permission from your organization 

• Follow your organization’s guidance to telework 

• Use authorized equipment and software and follow your organization’s policies 

• Perform telework in a dedicated area at home 

• Don’t remove classified documents from your workspace

Leave a Reply

Your email address will not be published.

Top

Login


Create an Account!
Forgot Password?

Create an Account!


Username
Want to Login?

Forgot Password?