UNITED24 - Make a charitable donation in support of Ukraine!

Intelligence

Hamre Orders DoD Web Security Review

 
 American Forces Press Service

 WASHINGTON -- Deputy Defense Secretary John Hamre directed a 
 security review Sept. 24 to ensure information on publicly 
 accessible DoD Internet sites does not compromise national 
 security or place personnel at risk.
 "The Internet World Wide Web provides the department with a 
 powerful tool to convey information quickly and efficiently on a 
 broad range of topics," Hamre said in a memorandum sent 
 departmentwide. "At the same time, . " he added, "such 
 information, especially when combined with information from 
 other sources, increases the vulnerability of DoD systems and 
 may endanger DoD personnel and their families."
 Hamre said he was concerned about the possibility of personal 
 and private information being posted to publicly accessible Web 
 sites, such as service members' Social Security numbers or home 
 addresses.
 The department uses the Internet in a variety of ways, including 
 contract administration, finance, electronic commerce and news 
 reporting. The activities won't change, he said, but more 
 attention will be given to the security implications of Web 
 technology. "Security and efficiency can be achieved at the same 
 time," he said.
 Hamre's order for the review includes the creation of a task 
 force to develop policy and procedures addressing operational, 
 public affairs, acquisition, technology, privacy, legal and 
 security issues associated with the use of DoD Web sites. The 
 group's preliminary guidance should be issued to the field by 
 late November, he said.
 Pending the task force guidance, and provided that essential 
 missions are unaffected, all DoD organizations have 60 days to 
 remove from their public Web sites: plans or lessons learned 
 that would reveal sensitive military operations, exercises or 
 vulnerabilities; information on sensitive troop movements; 
 personal data such as Social Security numbers, birth dates, home 
 addresses and home phone numbers; and any other identifying 
 information about family members of DoD employees and military 
 personnel.
 The Hamre order directs all DoD components to conduct a 
 comprehensive security assessment of all their Web sites within 
 three months of receiving the task force guidance, and conduct 
 annual reassessments thereafter. It orders a plan be implemented 
 by March 1999 that uses reserve component assets to conduct 
 operational security and threat assessments of DoD Web sites. It 
 also orders the development of a Web information security 
 training program by March 1999.
 "I believe that these steps will help us to better manage Web 
 information services to strike the appropriate balance between 
 openness and sound security," Hamre said. For more information 
 and discussion about department Web security issues, visit DoD's 
 home page at www.defenselink.mil and its special, Web security 
 pages at http://websecurity.afis.osd.mil.
 
 -END-
 




NEWSLETTER
Join the GlobalSecurity.org mailing list