HomeNewsArticle Display

AFNet PII breaches still a concern

Multiple methods to encrypt sensitive information exist and are available for use. AFNet users can protect information within the AFNet by encrypting sensitive emails, typing FOUO the subject line and by including a privacy act statement at the beginning of the email. (U.S. Air Force graphic/Chief Master Sgt. John Zincone)

Multiple methods to encrypt sensitive information exist and are available for use. AFNet users can protect information within the AFNet by encrypting sensitive emails, typing FOUO the subject line and by including a privacy act statement at the beginning of the email. (U.S. Air Force graphic/Chief Master Sgt. John Zincone)

Multiple methods to encrypt sensitive information exist and are available for use. AFNet users can encrypt information leaving the AFNet by using the AF Reasearch Lab's encryption wizard, the encryption capabilites of Microsoft Office or by sending the documents via snail mail. (U.S. Air Force graphic/Chief Master Sgt. John Zincone)

Multiple methods to encrypt sensitive information exist and are available for use. AFNet users can encrypt information leaving the AFNet by using the AF Reasearch Lab's encryption wizard, the encryption capabilites of Microsoft Office or by sending the documents via snail mail. (U.S. Air Force graphic/Chief Master Sgt. John Zincone)

PETERSON AIR FORCE BASE, Colo. (AFNS) -- More than one month after Air Force Space Command's implementation of lock-out procedures for individuals found to have inappropriately transmitted Personally Identifiable Information, PII breaches still remain a significant issue.

While the average number of daily incidences of PII breaches have decreased there is still a lot of work to be done to prevent future PII incidents, said Gen. William L. Shelton, the commander of Air Force Space Command.

"We've all got to work harder to eliminate PII violations," Shelton said. "In November more than 5,000 individuals were affected by a single PII breach. PII that is not properly protected becomes vulnerable to interception by an adversary. That creates the risk of the information being used to target individual users to gain their credentials and potentially gain access to our networks. From an individual perspective, it can also lead to identity theft. We can't stand the network or the personal consequences, so we must stop PII breaches on the AFNet (Air Force Network)."

During the six month period from May through October the Air Force averaged approximately 3.3 reports affecting 1,935 members per day. Since launching the new policy and process, that average has dropped to approximately 2.7 reports affecting 991 members per day.

"The most common violations we are seeing are people transmitting personnel rosters from .mil to .com addresses and vice versa," said Col. Douglas Coppinger, the 67th Cyberspace Wing vice commander, the wing whose mission encompasses the detection of PII breaches. "While quite often these breaches are not of malicious intent, we need to better educate our Airmen on the protection of this type of information."

One tool available for protecting information is provided by the Software Protection Initiative established by the Under Secretary of Defense for Acquisition, Technology and Logistics in December 2001. The SPI has the mission of marginalizing a threat actor's ability to steal and exploit critical Department of Defense intellectual property found in application software.

Users have multiple tools at their disposal to protect PII if encrypting e-mail is not feasible, but electronic transmission of sensitive PII is operationally required. Users can leverage approved DOD file exchange services through AMRDEC SAFE, file encryption wizards, or simply use Microsoft Office password protection.

"Once personnel understand what information can be sent home and how to protect it, this provides Airmen clear lanes in the road they can follow, and provides commanders the framework to properly address infractions of those set rules," Coppinger said.

Continuing force-wide education on the protection of electronic information is a top priority for AFSPC and those responsible for protecting the AFNet.

"We are working with leaders across the Air Force to educate and address PII breaches," said Maj. Gen. James K. McLaughlin, the 24th Air Force commander. "As the technology we use to protect the Air Force Network improves, we have gained better visibility of information crossing through and leaving the network. As a matter of fact, we already detect 100 percent of all pieces of PII crossing through the AFNet. What we're doing now is making a concerted effort to hold people accountable, helping to ensure all AFNet users are handling this important information properly."

The AFSPC lock-out procedures were put in place based upon AFSPC's responsibility to operate and defend the AFNet and each individual user's responsibilities that comes with access to the network. AFMAN 33-152, User Responsibilities and Guidance for Information Systems, requires special handling for PII data.

AFNet users should contact their unit Privacy Manager as well as refer to Air Force Instruction 33-332, The Air Force Privacy and Civil Liberties Program, for additional information on safeguarding PII.

Engage

Facebook Twitter
Thousands of #Airmen have found support through our Exceptional Family Member Program, which allows them to proceed… https://t.co/OVSsRLN6F7
Hear @GenDaveGoldfein expound on what it takes to modernize #AirForce squadrons for future missions. https://t.co/a6F0tRfMxU
If you aren't taking advantage of #FollowFriday by following @Creech_AFB you are missing out on the famed "Hunters"… https://t.co/omTO945zAf
May we never forget, National #POWMIA Recognition Day. https://t.co/Oyu82RbIRO
RT @HQ_AFMC: Dr. Will Roper, assistant secretary of the @usairforce Acquisition, Technology, and Logistics, was one of the featured speake…
#ICYMI, Ms. Brie Larson, star of the upcoming feature film "Captain Marvel," joined #Airmen from across the NCR and… https://t.co/6lxYK3l85A
“Our dogs are definitely not pets; they are #MilitaryWorkingDogs – assets to the #USAF…The trust these teams have i… https://t.co/PVPq9Up5iN
#USAF optometry clinics keep #Airmen's eyes healthy so they can keep their sights set on the mission.… https://t.co/siyO4osHjr
First female chaplain from the #171ARW completes Leadership Development Institute training, develops the first… https://t.co/oFFpYZf9Mg
.@USAFReserve #Airmen @45thSpaceWing put their lives on temporary hold to respond to the aftermath of… https://t.co/m0yaqqUEaV
#ICYMI, @HAFB took a different approach to #cosplay at #FanX18 by teaming up with the Utah Engineers Council to pre… https://t.co/RChVGaP8rN
RT @USAFHealth: #TBT Flight Nurse Captain Shirley A. Armstrong hands a cup of fruit juice to a patient in a C-141 Starlifter during a medic…
Rapid global mobility is the mantra of the #816EAS and #ICYMI #Airmen continued to live it by shuttling cargo and l… https://t.co/5VI4R4wFQa
.@AETCommand officials announced the second iteration of Pilot Training Next https://t.co/qB5YwQSLip
RT @SecAFOfficial: The #AirForce We Need, begins with resilient and ready #Airmen. #ASC18 #CMSAF https://t.co/ogfN6Xtn2V https://t.co/kyCJ…
We're going #LIVE as #CMSAF Wright speaks at #ASC18. Watch on our Facebook page at 10:45 a.m. EDT:… https://t.co/LIc3O6CdiW
Our own @AstroHague will launch into #Space in less than a month! https://t.co/RaQsXp14NP
In order to support the NDS, the Air Force We Need will require a restructure of our expeditionary force structure.… https://t.co/O63bDWHAbC