Hanscom Air Force Base   Right Corner Banner
Join the Air Force

News > Commentary - Protecting our information: An achievable resolution for a New Year
Protecting our information: An achievable resolution for a New Year

Posted 1/6/2011   Updated 1/6/2011 Email story   Print story


Commentary by Jeff Jeghers and Marianne Porter
Installation Information Protection Office

1/6/2011 - HANSCOM AIR FORCE BASE, Mass.  -- Last year certainly provided everyone an opportunity to be educated on the global attention we receive and the serious impact that occurs when our information is not handled correctly. There is complexity created with all the various kinds of information available and all the handling categories you may see in your career. However, handling information properly is not that difficult if you understand and follow some helpful concepts before applying the specific, detailed protection requirements.

Below are personal and work-related concepts tied together to further your basic understanding on how to properly protect information:

Need to Pay (Need to Know): We hear of "need to know" all the time but what does that really mean? The bottom line meaning is that if someone doesn't need to know something and is kept from knowing that particular information, they can't do harm with it. Would you share your credit card number with a co-worker or a stranger? If you do, there is an unfortunate chance you may need to pay for fraudulent charges incurred. When you share information at work with those who don't have a valid need to know and those members do wrong, who will need to pay then for any possible losses and what "currency" will they pay with?

Something's Not Right (CEP): You're educated on continuous evaluation programs for not only yourself but your co-workers, as well. If a bank or a doctor's office handles your personal information incorrectly, wouldn't you challenge that practice or perhaps take your business elsewhere? If someone is not safeguarding our information here correctly, wouldn't you handle that situation in a similar fashion? People who maliciously handle our information incorrectly tend to show signs of concern in other ways before the mishandling occurs. Even those with no malicious motives may be handling information incorrectly and they need your intervention. Be a good Wingman and help them now to avoid bigger problems later. It's tough to do, but it is the right thing to do and what is expected of each of us.

Total Protection (Depth): You may own a personal shredder or use the privacy settings on your Facebook account, but do you talk aloud on your cell phone in public about your personal issues? Why do anything securely if you're not going to protect an asset from all angles? In security we protect in layers, utilizing different but complimenting procedures and mechanisms and we call this security in-depth. For those that are required to adhere to security procedures, it is better perhaps to think in terms of totality vice depth and follow a logical path for protection. When you're safeguarding information, consider all the avenues you convey, retain and destroy this information and extend protection standards out to each avenue. Would you place information openly on your personal web page, like your social security number, and then not place it in your home trash for fear of theft? Most likely not, and it's important you understand and practice this concept of consistency while at work, as well.

Inequality (Handling): Information is not created equal nor is it treated as such from a protection standpoint. Your social security number and your favorite TV program are both technically types of personal information, but would you protect them in the same fashion? You probably wouldn't protect your taste in TV shows too zealously, and there is a good chance if that information were to be revealed, you would survive. This is unlike your SSN, which could cause you harm if compromised. Know what you are handling and know, absolutely, the protection standards in how to handle that particular piece of information. Don't assume it's all the same.
Situational Being (Awareness): Most members are quite in tune to when their cell phone batteries need a charge or where not to stray because of poor lighting in their neighborhoods, but they conversely rush into handling information when they are completely in the dark or armed without the proper tools to handle the task. Before you start out handling information, ask yourself some questions first: Am I prepared? Are my thoughts focused? Am I allowed to do this? Does it all make sense? If you answer no to any of these questions then stop what you are doing and ask for help. Do you hesitate when filling out forms that compile lots of personal information outside of work? Why would you then glide through handling government information without first considering the ramifications of doing it wrong?

Perspective (OPSEC): When most of you think about your home in terms of securing it, do you start inside or outside? Do you safeguard via commercial promotion or actual threat calculation? Do you take a holistic approach? How you view security is vital because of what you are actually securing something from. The classic accumulation of newspapers on a driveway may seem like a mess to some, but to a criminal it means you're not home. Don't think outside the box, stand outside the box and see what you notice, or even better, what your adversary would notice. If information and observation come together, you may have a vulnerability that needs to be addressed. Try it at home or try it at work, but decide to try it at some point so you understand what is meant when we say to take the adversaries point of view. It is better to see potential vulnerabilities now rather than later.

Although we still predominately think of warfare as a distant event, you should make no mistake about the fact that when it comes to protecting information you are always on the front line. Make the resolution this year to improve your understanding in how to protect our information, as it is both obtainable and rewarding. Don't make it more complicated than it needs to be, but don't assume you know all the proper angles either. None of us do. We work together and when in doubt, we ask for help.

No comments yet.  
Add a comment

 Inside Hanscom AFB

ima cornerSearch

tabMission NewsRSS feed 
BACN hits 100,000 hours of ensuring connectivity for warfighters

New contract vehicle opens doors for Battle Management programs

New Horizons slated for March 1 and 2

Hanscom AWACS team reaps reward

Recapitalizing JSTARS: the radar

tabHanscom NewsRSS feed 
ABG announces annual award winners

Hanscom firefighters deliver baby

Hanscom Fire Department named best in AFMC

OPM offers limited enrollment period for new self-plus-one option

February is National Cancer Prevention Month

February Team Hanscom promotions

BHS senior captures youth of the year honors

BSC week pays homage to MDS corps

Safety key to winter fun

MDS earns The Joint Commission's Gold Seal of Approval

tabNews Briefs and HappeningsRSS feed 
Upcoming events

News in Brief

School Notes  1

tabCommentaryRSS feed 
Airman shares family tragedy as "wake up call"

Holiday greetings from the base commander

Every Airman is a sensor

tabPhoto FeatureRSS feed 
Photo feature: This week at Hanscom, Feb. 5

Photo feature: This week at Hanscom, Jan. 29

tabFeaturesRSS feed 
Laying the foundation for future AF, Coast Guard enlisted leaders

Command chief focused on mission, careers of Airmen

From Army Air Corps to U.S. Air Force, 71-years and counting

Site Map      Contact Us     Questions     USA.gov     Security and Privacy notice     E-publishing  
Suicide Prevention    SAPR   IG   EEO   Accessibility/Section 508   No FEAR Act