Remain vigilant with new USB policy

In the 21st century, transferring information from one computer to another has been made simple with the growing popularity of thumb drives and external hard drives. With the increasing use of hand-held Smartphones, iPods and cameras, the possibilities are endless. 

With the growth of information transfer, there is a requirement for enhanced security policies governing daily use of government computer systems.

“The USB devices create an inherent vulnerability on our network enterprise,” said Lt. Col. Bradley W. Barnhart, 86th Communications Squadron. “The Department of Defense has found malicious software resident on many thumb drives
handed out at conferences and purchased commercially.”

According to the 86th Airlift Wing’s “Policy on Use of External USB Memory Devices,” the use of devices containing flash media is prohibited on any government system. Simply put, it’s unauthorized to introduce any flash media storage device to any government platform. 

“A general rule of thumb, if it contains a spinning disk, it can be authorized,” Barnhart said. “If it contains a chip (solid-state), it’s an illegal device. Portable USB hard drives are authorized but require approval from the 86th CS Information Assurance Office before connecting to a DOD system. CDs and DVDs are still authorized for use on the NIPRnet.”

Flash media storage includes, but is not limited to, cell phones, thumb drives, MP3 players, iPods, cameras and solid state hard drives (hard drives that contain flash media). These devices, when used on government systems, can allow rogue executable programs such as viruses, spyware and other malware to be installed.

“To protect the Ramstein Enterprise Network, we need every user to be aware of the restrictions and remain vigilant for unusual activity,” Barnhart said. “Just one user circumventing the network defense could create a catastrophic failure of network services.”

The 86th CS conducts daily network scans to identify flash media use and policy offenders on the network.

Once identified, the offender’s logon, device serial number, device description, and date and time stamp will be logged by the scanning application. The user’s account will be locked and the offenders will be forced to re-accomplish annual Information Assurance training. Additionally, unit commanders and Information Assurance officers will be notified with the final determination on re-enabling the account resting with the 86th Airlift Wing commander.

“I truly appreciate our customers supporting the enterprise network defense-in-depth approach by fulfilling their responsibility as a Cyber Warrior,” Barnhart said.

It’s important that all users are vigilant, providing physical security to both their external media devices and government platforms at all times.

(Compiled by Airman 1st Class Ciara Travis, 86th Airlift Wing Public Affairs)