SCHRIEVER AIR FORCE BASE, Colo. --
Beginning June 1, the 50th Space Communications Squadron will implement a policy to strengthen the cyber security posture of Schriever Air Force Base, Colorado networks.
The Comply to Connect policy has been in place, however, the 50th SCS made updates they want the base to know about.
The policy minimizes risks to Schriever AFB missions and networks by employing defensive measures to ensure the integrity and security of all systems throughout the wing as well as tenant units.
“Cyber security never takes a break because our adversaries never take a break,” said Maj. Orlando Lopez, director of operations for the 50th SCS. “This policy is an additional tactic to improve the security posture of our unclassified and classified networks.”
According to the 50th SCS, systems with a very high number of risks and systems that are not logged in to NIPR and SIPR networks beyond a 30-day time span are not in compliance. At a minimum, all Schriever AFB networks that cannot remain turned on 24/7, need to be powered on and logged in every Wednesday from 9 a.m. – 3 p.m.
Adherence to the policy will ensure the 50th SCS thoroughly scans and updates the Non-classified Internet Protocol Network and Secret Internet Protocol Networks to mitigate security vulnerabilities as quickly as possible.
“All IT systems have vulnerabilities and one of the ways we combat that is by scanning our networks and applying patches,” said Senior Master Sgt. Ethan Peters, operations superintendent for the 50th SCS. “An analogy for this is to think of our networks as a town that sits downstream from a large dam. Holes in that dam need to be found and fixed to prevent risks. Much like an engineer would do with a dam, scanning our networks helps us identify those holes and patch them.
“The reason we need to enforce the Comply to Connect policy is because we cannot scan our networks if our systems are not available for scanning,” he added.
If base members are not in compliance, an Information Technology Equipment Custodian will be notified for every week the system is not logged on and before disconnection after the fourth week of inactivity.
“One thing to note is multiple notices will be sent to ITEC’s before systems are removed from the network,” Peters said. “This allows customers an opportunity to ensure systems are compliant and avoid removal from the network.”
“There is a very important distinction to make,” Lopez added. “If the users do not comply, 50th SCS will disconnect the laptop or terminal, not the individual from the network.”
If a Schriever AFB member is not in compliance, the user’s responsibility is to call the Communications Focal Point at 567-2666 to open a ticket. Following this action, a client systems technician will visit the work center to sanitize the system and ensure it has all the up-to-date patches for it to be placed back on the network.
During May, 50th SCS leadership is focusing on educating the base on this policy.
“We want to make sure that all the commanders, directors and flight superintendents on base are fully aware and have all their questions answered with regard to the Comply to Connect policy,” Lopez said. “Our goal is to make sure everybody understands what is coming.”
Leadership is aware of concerns of how the policy will affect reservists and guardsmen.
“We have already reached out to the 310th Space Wing leadership to help ensure their systems are kept in compliance to avoid system removal,” Lopez said. “The Comply to Connect policy is not perfect; there will be instances where one individual may need to be responsible for six terminals in their work center. We are aware we need to work one-on-one with those organizations so they receive the support they need.”
“We are working hard to ensure our networks are secure with as little impact to our customers as possible,” Peters added. “Sometimes, it can prove difficult to find the correct balance between security and availability. We believe that this new Comply to Connect policy does a good job of addressing vital security concerns with as little impact to the customer as possible.”
For more information on the Comply to Connect policy, contact the 50th Space Wing Cyber Security Office at 567-4885.