Email this Article Email   

CHIPS Articles: Increased Prohibited Use of Unauthorized USB devices on the NMCI Network

Increased Prohibited Use of Unauthorized USB devices on the NMCI Network
By DON CIO - February 5, 2021
Department of Navy (DON) information technology (IT) resources greatly enhance our warfighting and business processing capabilities. However, when used inappropriately and without regard to good practices, these same resources increase the DON's exposure to malicious intrusions, expose our most critical information to threats, and increase costs through spillage and higher bandwidth requirements. We must change the cyber culture, take responsibility for cybersecurity, and practice good cyber hygiene. Maintaining cyber readiness is an all hands responsibility. The combined effect of recreational internet surfing and non-mission related high bandwidth intensive activities (e.g., streaming media such as movies or music, downloading images for personal use, etc.), impacts overall network performance, impedes critical business and mission needs and exposes our information systems to unnecessary vulnerabilities.

The DON CIO Chief Information Security Officer (CISO) Team continues to promote the need for everyone to be vigilant about protecting the network and data. Like sentries standing guard to prevent unauthorized access or watching for fires, everyone in the Department of the Navy enterprise must become a 'Cyber Sentry' and be 'Cyber Ready.'

Naval Network Warfare Command (NNWC) has detected a higher volume of users connecting "unauthorized" USB devices to NMCI workstations. Please do your part to protect all our networks and the capabilities we deliver to our warfighters by being vigilant and NOT connecting unauthorized devices.

Non-GFE iPhones, iPads, Smart Phones and Memory Sticks are among these unauthorized devices. Connecting these to NMCI workstations constitutes a violation of the System Authorization Access Request Navy (SAAR-N) OPNAV 5239/14 as indicated in the attached NMCI User Awareness Bulletin (#20120804-0500). For additional information, users can review the NMCI bulletin, or contact the NMCI Service Desk (1-866-THE-NMCI (1-866-843-6624) or by e-mail at ServiceDesk_Navy@nmci-isf.com ). Users needing to move files on or off their computer should contact their command IT help desk for guidance.

*Note, for all devices issued by the DON, the below resources are available on the DON CIO website. Additionally, the DON CIO CISO team has posted additional information on the Defend Strategic Initiatives, Cybersecurity, Privacy, and Identity Protection.

1. Amplifying Guidance to the DON Acceptable Use Policy Regarding Collaboration Tools (DON CIO Memo - April 1, 2020): This memo provides amplifying guidance on the acceptable use of the Department of the Navy IT; i.e., Government Furnished Equipment. Use of collaboration tools greatly enhances our warfighting and business process capabilities during the COVID-19 crisis; however, the use of unauthorized collaboration tools on DON IT could expose critical information or introduce vulnerabilities.

For details, visit: https://www.doncio.navy.mil/ContentView.aspx?id=13337

2. Acceptable Use of DON Information Technology (DON CIO Memo - February 25, 2020): DON IT resources greatly enhance our warfighting and business processing capabilities. However, when used inappropriately and without regard to good practices, these same resources increase the DON's exposure to malicious intrusions, expose our most critical information to threats, and increase costs through spillage and higher bandwidth requirements.

For details, visit: https://www.doncio.navy.mil/ContentView.aspx?id=13258

Related CHIPS Articles
Related DON CIO News
Related DON CIO Policy

CHIPS is an official U.S. Navy website sponsored by the Department of the Navy (DON) Chief Information Officer, the Department of Defense Enterprise Software Initiative (ESI) and the DON's ESI Software Product Manager Team at Space and Naval Warfare Systems Center Pacific.

Online ISSN 2154-1779; Print ISSN 1047-9988
Hyperlink Disclaimer