The Navy's CIO has banned Navy and Marine Corps personnel from accessing personal email or using P2P programs on the Navy Marine Corps Internet. Employees cannot auto-forward official e-mail to a commercial account or use a commercial account for official government business. In addition, the new directive bans the use of P2P program. A story in The Periscope, a publication serving Naval Submarine Base, Kings Bay, Ga., says:
According to a bulletin from the U.S. Department of Homeland Security, P2P programs have been found to allow easier access to government computer systems for theft of sensitive documents and use of government resources, due to unauthorized installation and use of this software on government systems. Recent news media reports stated P2P allowed sensitive government documents to get into the public domain. There are also documented incidents where DoD sensitive messages have been found on non-US computers with no protection against hostile intelligence services. The use of this software creates vulnerabilities, which can be exploited by providing a means of introducing malicious code and other illegal material.
The military has come under fire lately for the vulnerability of nonsecure systems. Hackers recently broke into Air Force computers containing personal information about officers and other employees. Pentagon insiders say that the military is under attack from computers based in China.
Military Network Security White Papers
- Government Security Solutions: Protecting Government and Military Organizations Around the Globe Even as New Threats Emerge - Check Point Software Technologies
- Network-Centric Operations: The Key to Military Transformation in the 21st Century - IBM
- Government Security Solutions - Check Point Software Technologies
- Internet Security Solutions for Government - Check Point Software Technologies
- GOVNET Won’t Solve U.S. Government Internet Security Concerns - Gartner
- Network-Centric Operations - Cisco Systems
- Statement of Direction: Security Evaluations - Oracle
- An Architecture for Flexible Multi-Security Domain Networks - U.S. Pacific Command
- Government Certified Solutions: Certified Solutions for High-Risk Networks - Check Point Software Technologies
- Computer Security Criteria: Security Evaluations and Assessment - Oracle