拉姆斯菲尔德在留言国防部网站OPSEC差异 - 金博宝网站,金博宝正规网址,金博宝更改账户

RAAUZFH1 RUEOCSA8002 0142335-UUUU - RUEASRB。RUHHCSA8002作者ZNR UUUUU ZOV RUEOCSA0144 RELAY 0142205 ZUI RHHMMCA1514 0142329 ZFH1所有直接连接RUHH SUBSCRIBERSř141553Z 1月3日FM SECDEF华盛顿特区ALDODACT INFO RUEKJCS / SECDEF WASHINGTON DC // DASD SIO // // SECURITY BT UNCLAS ALDODACT 02/03收件人PASSTO ALL下级司令部主题：WEB SITE OPSEC不符1.基地组织训练手册中回收阿富汗指出：“使用公共资源公开，而不诉诸非法手段，可以收集信息有关敌人的至少80％。”超过700 GIGABYTES，THE DOD基于Web的数据使得信息ON DOD计划，方案和活动的一个巨大的，容易获得的来源。我们必须结束我们的敌人ACCESS国防部网站获得有关定期。2. THE FACT THAT FOR OFFICIAL USE ONLY (FOUO) AND OTHER SENSITIVE UNCLASSIFIED INFORMATION (E.G., CONOPS, OPLANS, SOP) CONTINUES TO BE FOUND ON PUBLIC WEB SITES INDICATES THAT TOO OFTEN DATA POSTED ARE INSUFFICIENTLY REVIEWED FOR SENSITIVITY AND/OR INADEQUATELY PROTECTED. OVER 1500 DISCREPANCIES WERE FOUND DURING THE PAST YEAR. THIS CONTINUING TREND MUST BE REVERSED. 3. THE DOD WEB SITE ADMINISTRATION POLICY (LINK AT WWW.DEFENSELINK.MIL/WEBMASTERS) REQUIRES THAT INFORMATION BE REVIEWED FOR DATA SENSITIVITY PRIOR TO WEB POSTING AND PROTECTED ACCORDINGLY. THIS REVIEW IS TO BE ACCOMPLISHED IN ACCORDANCE WITH DOD DIRECTIVE 5230.9, CLEARANCE OF DOD INFORMATION FOR PUBLIC RELEASE, AND DOD INSTRUCTION 5230.29, SECURITY AND POLICY REVIEW OF DOD INFORMATION FOR PUBLIC RELEASE, AND MUST INCLUDE OPERATIONS SECURITY (OPSEC) CONSIDERATIONS AS DEFINED BY DOD DIRECTIVE 5205.2, DOD OPERATIONS SECURITY (OPSEC) PROGRAM. 4. USING THE OPSEC PROCESS IN A SYSTEMATIC WAY AND THINKING ABOUT WHAT MAY BE HELPFUL TO AN ADVERSARY PRIOR TO POSTING ANY INFORMATION TO THE WEB COULD ELIMINATE MANY VULNERABILITIES. THE INTERAGENCY OPSEC SUPPORT STAFF (IOSS) CAN PROVIDE PROFESSIONAL ASSISTANCE WITH THE OPSEC PROCESS (SEE WWW.IOSS.GOV). LIMITING DETAILS IS AN EASILY APPLIED COUNTERMEASURE THAT CAN DECREASE VULNERABILITIES WHILE STILL CONVEYING THE ESSENTIAL INFORMATION. SECURITY AND ACCESS PROTECTIONS MUST BE APPLIED ACCORDING TO THE SENSITIVITY OF DATA FOR BOTH WEB PAGES AND WEB-ENABLED APPLICATIONS. UNPUBLISHED ADDRESSES (URLS) AND UNLINKED WEB PAGES DO NOT PROVIDE SECURITY. SEE PART V, TABLE 1 OF THE WEB SITE ADMINISTRATION POLICY FOR FURTHER GUIDANCE. 5. HEADS OF COMPONENTS ARE RESPONSIBLE FOR MANAGEMENT OF INFORMATION PLACED ON COMPONENT WEBSITES. THEY MUST ENSURE THAT WEBSITE OWNERS TAKE RESPONSIBILITY FOR ALL CONTENT POSTED TO THEIR WEBSITES. WEBSITE OWNERS MUST REDOUBLE THEIR EFFORTS TO: A. VERIFY THAT THERE IS A VALID MISSION NEED TO DISSEMINATE THE INFORMATION TO BE POSTED, B. APPLY THE OPSEC REVIEW PROCESS, C. LIMIT DETAILS, D. USE THE REQUIRED PROCESS FOR CLEARING INFORMATION FOR PUBLIC DISSEMINATION, E. PROTECT INFORMATION ACCORDING TO ITS SENSITIVITY, AND F. ENSURE REVIEWING OFFICIALS AND WEBMASTERS ARE SELECTED AND HAVE RECEIVED APPROPRIATE TRAINING IN SECURITY AND RELEASE REQUIREMENTS IN SUPPORT OF DOD WEB POLICY. 6. IT IS A TEAM EFFORT AMONG THE INFORMATION ORIGINATOR, THE WEBMASTER AND THE READER(S) TO ENSURE ONLY THE INFORMATION NECESSARY TO ACCOMPLISH THE MISSION IS POSTED. THESE STEPS WILL HELP ENSURE WE ARE NOT AIDING OUR ENEMIES BY POSTING CONTENT THAT COULD PUT THE LIVES AND MISSIONS OF AMERICAN FORCES AND THOSE OF OUR FRIENDS AND ALLIES AT RISK. BT #8002