Promoting cyber security: USAFA IA experts 'find and fix' network issues, misuse

  • Published
  • By Amber Baillie
  • Academy Spirit staff writer
Those in the information assurance office here - part of the A6 office and 10th Communications Squadron - keep their eyes on the Academy's computer network around the clock to ensure top-notch security throughout the installation.

The Academy's IA office provides policy and guidance for computer security, making sure Airmen use the Academy's networks in a resourceful and responsible manner.

"We are here to help the customer, and to support all types of computer security- related requirement that the customer may have, by focusing on balancing security and the mission of educating cadets," said Angie Thorpe, the headquarters information assurance manager here. "We are tasked to oversee all computer security at the Academy and work with mission elements to ensure that we follow the Air Force's requirements for securing our networks against attacks, and make sure they're updated on their certifications and try to get the word out on security awareness training.

"We also focus on educating our users, as the 'Human in the loop' is always the weakest link in safeguarding our networks," she said. "Computer users are our weakest link. It doesn't matter how much security you have in place, if you're not educated - you're the one letting the bad guy in."

The IA office also contacts each unit when there is a network violation--when someone here connects a personal device such as a flash drive, tablet, cell phone or music player to Academy's network.

"We get those reports and follow up every week," said Academy Wing Information Assurance Manager Margie Killoy. "A good percentage of the time the person thinks since they're just charging something, such as their cell phone, it doesn't matter. But it does, (because) it still gives you access to that mass storage device. We're trying to educate people better on that."

Those who connect a privately-owned (authorized) device to the network are automatically booted out of the domain, Thorpe said.

"If you connect it to the port, it reveals your media access control address," she said. "It's nice, automated technology. It's something we recently implemented and it's been working really well. It's cut down the work load of the 10th Communications Squadron Network Operations because before they had to sort that out manually."

The Academy isn't an exception when it comes to following IA policies, Thorpe said.

"People will try to get around the rules," she said. "We're not unique here--we're still part of the big Air Force. Security must be applied in a balanced way to accomplish security requirements in accordance with Air Force regulations and the academic mission. Our goal is to help people here achieve their requirements in a responsible, risk mitigated manner."

In 2012, the Wing IA office visited 39 units here, assessing IA compliance and fixing deficiencies along the way.

"We conduct information assurance and assessment program visits every year," Killoy said. "It's a find-and-fix procedure, not an inspection. We're there to help them. Each unit has an information assurance officer who we train every quarter, and we're available to answer their questions on a daily basis."

Killoy said the IA program tracks and maintains certifications for those who need elevated privileges on the network, as well as evaluates changes made to the network to determine if they'll affect the security posture.

"We sit on the configuration control board and change advisory boards to make sure there aren't any concerns before a change goes operational," she said. "We also monitor those who make changes to the network to make sure the changes are authorized."

Killoy said the .MIL network is open to personnel and the .EDU network is primarily for cadets and faculty who directly support cadets.

"The rules still apply for the .EDU network as far as not plugging in a personal, unauthorized device," she said. "We have a waiver that allows cadets to use a personal printer at their work station--but the connectivity on the .EDU network is still connected to the Defense Department - it's not a commercial connection."