Coast Guard Web Filtering Update
Shipmates,
As I have discussed with you in the past, we operate in a complex and dynamic environment. To maximize our effectiveness and service to the public, we have to simultaneously be as open and transparent as we can, while maximizing the integrity and security of our data networks and sensitive information. This puts us, and particularly our IT experts, in a very complicated position as described by our CIO below.
As an organization, we will continue to exercise creativity and flexibility while finding ways to serve both transparency and security. For example, though twitter is now blocked from use on the Coast Guard Data Network, we recognize the value of that and similar applications in keeping the public informed during critical incidents. Our public affairs program, working with CG-6, will find ways to maintain that capability for specific purposes that support operations without increasing the vulnerability of our network. The use of YouTube is a great example of this. Our release of the video of the "Miracle on the Hudson" through that channel has resulted in an amazing 760,000 views, making it the most viewed video of the day.
----------------------------------
Guest Post from RDML David Glenn (CG-6), Chief Information Officer:
Since my last post regarding social media websites, I have received comments and reviewed the Coast Guard policy on blocking internet websites and would like to provide an update.
As the Coast Guard Chief Information Officer (CIO), I have the responsibility of balancing a computer user's freedom and flexibility with information assurance policies that restrict this access and flexibility in order to manage the risk associated with these activities to ensure data confidentiality and network availability with the Coast Guard networks (CGDN, SIPRNET, etc.). Access and security must be managed and maintained at acceptable levels.
In addition, I have the responsibility to ensure the Coast Guard Information Technology (IT) policies are in accordance with all Federal laws, regulations and policies, including those of the Department of Homeland Security (DHS) and the Department of Defense (DoD). While the Coast Guard is a part of DHS, our computer networks connect to DoD networks too, therefore, the Coast Guard IT polices must align with both departments.
We have Coast Guard policies in place that prohibit access to non-operational internet websites because unhindered access exposes the Coast Guard computers and networks to unnecessary avenues of attack. Cyber security is dynamic and continually evolving because people with malicious intent continually seek new ways to exploit vulnerabilities in computers and networks. Therefore, the Coast Guard is continually monitoring and taking necessary actions to protect our computers and networks. In some instances, these actions may be immediate and without any notification to enable the Coast Guard to contain, minimize, or prevent impact to our computers and networks. Malicious media (viruses, malware, phishing, etc.) are constantly being launched from many of the most common and popular recreational websites. Blocking specific recreational websites is a proactive measure to address these threats and provides the Coast Guard a way to enforce our policy on prohibitive activities outlined in COMDTINST 5375.1(Series), Limited Personal Use of Government Office Equipment, and ALCOAST 091/07. Even with the current policy restrictions, we quarantine and reformat many computers each month due to infections or malware. We will continually address access and security in equal measures and strive to maintain an acceptable balance.
It should be noted that we did review and verify the DHS and the DoD policies on this matter. Our Coast Guard policies are aligned with their prohibited activities. In fact, DHS recently updated the prohibited activities to specifically include restricting social networking websites.
In the near future, the Coast Guard will be deploying the CG Portal. The CG Portal will replace CG Central and the uscg.mil information systems. It will enhance your ability to share information, collaborate and communicate. With CG Portal, you will have many of the internet features available at commercial websites, such as blogs, wikis, discussion forums, feed readers, chat, instant messaging, etc., but in a secure environment that will protect the critical information needed to complete the Coast Guard missions. An ALCOAST announcing the CG Portal deployment will be sent in the coming months.
As I have discussed with you in the past, we operate in a complex and dynamic environment. To maximize our effectiveness and service to the public, we have to simultaneously be as open and transparent as we can, while maximizing the integrity and security of our data networks and sensitive information. This puts us, and particularly our IT experts, in a very complicated position as described by our CIO below.
As an organization, we will continue to exercise creativity and flexibility while finding ways to serve both transparency and security. For example, though twitter is now blocked from use on the Coast Guard Data Network, we recognize the value of that and similar applications in keeping the public informed during critical incidents. Our public affairs program, working with CG-6, will find ways to maintain that capability for specific purposes that support operations without increasing the vulnerability of our network. The use of YouTube is a great example of this. Our release of the video of the "Miracle on the Hudson" through that channel has resulted in an amazing 760,000 views, making it the most viewed video of the day.
----------------------------------
Guest Post from RDML David Glenn (CG-6), Chief Information Officer:
Since my last post regarding social media websites, I have received comments and reviewed the Coast Guard policy on blocking internet websites and would like to provide an update.
As the Coast Guard Chief Information Officer (CIO), I have the responsibility of balancing a computer user's freedom and flexibility with information assurance policies that restrict this access and flexibility in order to manage the risk associated with these activities to ensure data confidentiality and network availability with the Coast Guard networks (CGDN, SIPRNET, etc.). Access and security must be managed and maintained at acceptable levels.
In addition, I have the responsibility to ensure the Coast Guard Information Technology (IT) policies are in accordance with all Federal laws, regulations and policies, including those of the Department of Homeland Security (DHS) and the Department of Defense (DoD). While the Coast Guard is a part of DHS, our computer networks connect to DoD networks too, therefore, the Coast Guard IT polices must align with both departments.
We have Coast Guard policies in place that prohibit access to non-operational internet websites because unhindered access exposes the Coast Guard computers and networks to unnecessary avenues of attack. Cyber security is dynamic and continually evolving because people with malicious intent continually seek new ways to exploit vulnerabilities in computers and networks. Therefore, the Coast Guard is continually monitoring and taking necessary actions to protect our computers and networks. In some instances, these actions may be immediate and without any notification to enable the Coast Guard to contain, minimize, or prevent impact to our computers and networks. Malicious media (viruses, malware, phishing, etc.) are constantly being launched from many of the most common and popular recreational websites. Blocking specific recreational websites is a proactive measure to address these threats and provides the Coast Guard a way to enforce our policy on prohibitive activities outlined in COMDTINST 5375.1(Series), Limited Personal Use of Government Office Equipment, and ALCOAST 091/07. Even with the current policy restrictions, we quarantine and reformat many computers each month due to infections or malware. We will continually address access and security in equal measures and strive to maintain an acceptable balance.
It should be noted that we did review and verify the DHS and the DoD policies on this matter. Our Coast Guard policies are aligned with their prohibited activities. In fact, DHS recently updated the prohibited activities to specifically include restricting social networking websites.
In the near future, the Coast Guard will be deploying the CG Portal. The CG Portal will replace CG Central and the uscg.mil information systems. It will enhance your ability to share information, collaborate and communicate. With CG Portal, you will have many of the internet features available at commercial websites, such as blogs, wikis, discussion forums, feed readers, chat, instant messaging, etc., but in a secure environment that will protect the critical information needed to complete the Coast Guard missions. An ALCOAST announcing the CG Portal deployment will be sent in the coming months.
Posted at
12:00 PM
7 Comments:
I would request that you reconsider blocking Twitter. There is an operational and intelligence need that Twitter can fill. Much of the initial reporting from Mumbai during the attacks last year was from eye-witnesses posting to Twitter. The same thing can be said for the US Airways plane ditching into the Hudson. These eyewitness accounts help add to our awareness in the maritime domain.
The recent blocking of Twiiter and LinkedIn, two major players in the Social (and professional) networking, was a little confusing.
The Whitehouse, the Senate, Congress, the Supreme Court, and the USCG all send updates via Twitter. I imagine the threat was the obscurity and frequency of tinyurl links. Can anyone confirm?
V/R
ASTC Vittone
Admiral Glenn,
You mention that you are the CIO. I've been trying to track down the CKO (Chief Knowledge Officer); that wouldn't happen to be you, also, would it?
If so, would you please comment on the tension between the CKO role (such as getting knowledge "out there") with the CIO role (making security of our IT systems an absolute primary concern).
{{rant follows}} Frankly, I see no balance at this point (even with the impending Portal, which, by the way, if we don't include the -- and I hate to use this as the example -- facebook-like add-on, will be nowhere near as powerful a KM tool as it could be as "expert location" continues to be one of the top KM issues... such as the fact that I've never been able to find the CKO listed anywhere (other than on one slide in the CG-6 CG Central site, a slide which I've been told is incorrect). {{BT BT}}
Thanks.
v/r,
/s/ Peter S.
We look forward to the deployment of CG Portal and the capabilities and flexibility it will offer us in the field. I also hope that we soon can take advantage of webcam capability / "live" meetings within the Coast Guard. This could significantly help improve the common operating picture at the deck plate level by allowing virtual communication between leaders in the field. We could also save countless, mind-numbing hours in travel time as well as save money.
One comment on the development of a CG Portal. It's a very interesting idea, but negates an important aspect of social media - interacting and informing the public. The video on YouTube did not get 760,000 views from Coast Guard personnel alone. It seems that blocking access from these websites but developing a CG Portal for CG personnel only misses the point.
It seems CG-6 is very engaged with which websites to block from CGDN, but there are two important changes that haven't been addressed that directly affect Coast Guard Personnel.
1. Jumpdrives were banned due to viruses on them, with the promise that a work around would be promulgated. Has any progress been made on a Coast Guard specific, secure jumpdrive?
2. The computer supplier to the Coast Guard has closed its doors. There is currently no good answer on how to fix broken computers. In addition to that, every day computer warrantees expire, with no possibility of being replaced since the company no longer exists. What is the status of finding and contracting with a new supplier as they've been out of business for a few months now?
We at some point need to stop operating like a mom and pop store and act like a major corporation.
This is broken and we need it fixed.
We have a WSIII vendor who is out of business, a travel card vendor we can't seem to get in sync with and a dozen more programs that are on the fault line.
When and where does it end? Our Social Media policy seems equally faulted.
We need to start being proactive instead of reactive.
Reactive is what we do in response to emergencies created by the public and acts of God. In all other cases (business practices) we need to be proactive.
Enough of senior leaders more worried about the next promotion than they are about the next crises affecting Coast Guard.
Lets move on.
For goodness sakes, this is an UNCLASSIFIED network we are talking about.
Someone needs to take the bull by the horns when it comes to computers and communications rather than blindly following edicts from DoD NII. The cyber-security pendulum has swung too far and will paralyze us on the current course - we might as well return to the SWII or the typewriter.
The state of communications capabilities on our ships and boats is deplorable and Deepwater is NOT THE ANSWER. It is unfathomable that our current fleet can't run basic wants/warrants without the use of voice comms. Not to mention, the bandwidth limitations - this problem can be solved with money. Maybe we can cancel 1 innovation expo and reinvest the savings in our operational fleet :)
[Moderators Note: The last paragraph of your comment was deleted so that we could post your comment while still adhering to our comment policy.]
Post a Comment
Links to this post:
Create a Link
<< Home