The Soldiers And The Sensitive Information The Soldier Possess

1971 Words8 Pages
However the policies, and associated protection for both the soldier and the sensitive information the soldier possess, are not in place for commercially purchased devices. It is vital to understand, consent, and manage the risks associated with mobile devices, in order to protect the force, and use the capability these devices provide to accomplish the mission. To further describe this vexing problem, one must understand that soldiers often use multiple devices and various operating systems. Additionally, the expectation that the soldier is “never really off duty” (Bryan, 2014, p. 1), is set by the military’s highest enlisted leaders. This means soldiers must exchange information at home, at work, and even in their cars. This…show more content…
In the National Military Strategy, the authors (2011) write: Cyberspace – Joint Forces will secure the ‘.mil’ domain, requiring a resilient (DoD) cyberspace architecture that employs a combination of detection, deterrence, denial, and multi-layered defense. We will improve our cyberspace capabilities so they can often achieve significant and proportionate effects with less cost and lower collateral impact (p. 19). The need to secure the .mil domain and several policy hurdles prevent inclusion of personally owned commercial mobile devices into the Army’s networks. Many of these hurdles stem from the need to alter current policy. The Army 's current general policy, DoD Directive 8500.1(2003), requires design and acquisition of specific hardware and software profiles to meet mandated “levels of confidentiality, integrity, authentication, non-repudiation, and availability” (p. 4). Furthermore, the process for exception to the design-in of the security, requires approval by a Combatant Commander, and the Defense Information Systems Network Designated Approval Authority. It further requires entry into DoD system security documentation, probably in the form of an authority to operate document. Finally, hardware must meet DoD sufficient, mandated and designed-in hardness, self-defense and encryption standards. There are several additional continued regulatory standards to meet, as in DoD
Open Document