Monday, May 20, 2013

Action Plan thoughts

Well, depending on what road you chose to follow on your process model, your action plan could be either a real pain or painless. I chose to do my process model based off of the typical DOD computer system because I know it in and out. I know the way the system operates and I am privy to the latest information from DISA about current attacks. I knew that my action plan would be very simple because it didn't involve any hardware changes, and anything that didn't work properly would receive guidance from DISA in order for any further changes to be made. So the big threat here is the threat from Iran, where they are hacking government computers in an attempt to gain financial information and data from military users. There are two ways to fix this, and the latter should fix the problem of vulnerability if the first is ignored. The first means of action that I chose was a unit-level memo that would originate from the security team that prohibits the visitation to online banking sites and any e-commerce sites on a government computer, either secured or non-secured. This would in theory stop any data from getting onto the system, and if the computer was hacked there would be no information there to look for. But we all know that since lower enlisted like to push the envelope, this will not work and they will do it anyway, so we will have to make the needed system changes. These changes will be relatively easy since they are done at the unit level on the server side by the communications section shop. What we intend to do is to block all access to online banking on the non-secure system and the secure system. All e-commerce will be blocked on the non-secure system, with limited access for supply personnel to GSA-listed sites for ordering supplies only on the secure system. This problem will not hamper any supply personnel in doing their job in sustaining the unit.
So since there are no hardware changes thus far, this should not be a problem in getting done in a timely manner. If for some reason this process fails, which I don't see it failing because there will be no access to those sites that would put financial information on the computer, we can go back to DISA and see if there are any hardware changes that may help out. The only thing that I could think of would be to install additional firewall appliances and go from there. We will receive all guidance from DISA, so if these changes fail then the ball will be in their court. The big thing here is making changes that will prevent the attack and making sure your process model starts over again once you have verified that the changes have worked.

Sunday, May 12, 2013

Potential checklists for DOD network users.

This past week I have been thinking about some checklists that I can use for my action plan that will directly affect my process model. Since my process model is based off an actual threat to a DOD user and system, it should work out pretty good here. I have seen checklists that we have placed by our phones for bomb threats and thought that one should work for a network threat as well. Since threats are ever changing in our industry, it would probably be best to keep the checklist basic and not let it lead to a direct type of threat, because there are many out there. The first thing that I would do is, when you get to your workstation every day, do a thorough check of your system to make sure that everything is the way that you left it. You may have to power on your computer, especially since updates are installed nightly and it may not have restarted properly. Also, if you have a laptop that you are signed for, it would be a good idea to secure it at the end of each day. I would either take it home with you or secure it in a secure wall locker so a potential unauthorized user will not have access to it. If you have your computer that is left out all the time, check your CD drive to make sure that someone has not placed an unauthorized disk in the drive. Since most USB ports have been disabled to portable devices, you shouldn't have to worry about anything there, but just check to make sure that you don't have any foreign items that shouldn't be there installed in them. Also, as soon as you log in with your ID card, make sure that you do not see any unauthorized system configurations. You should do this because your hack could begin once you actively begin using your computer, and this could transmit data to the enemy. If your unit has sites that you are mandated not to use, then do not use them. There is always a reason not to visit a site that is prohibited on a DOD computer system.
Your personal information could be a target, so do not do anything on a DOD computer that could be a target to foreign personnel. This is a pretty rough checklist, but it could be as effective as the bomb threat checklist that is posted by every government phone. If you practice this with your government computer, then it could mitigate the risks that you have when using your PC every day. Nothing is foolproof here, but it should help out.

Sunday, May 5, 2013

Wow, the course is almost over and it is flying by. Last week's project did not go as well as I had planned, even though I thought I made it easier to understand by including easier-to-understand terms. I did not think that the format of my test was in need of change, because when I plugged my threat in it followed all of the steps that I had lined out with no problems. I think a big thing is that it may have still been harder to understand even though I tried to make it easier. I did provide my description this time in the form of a Word document, which was different from the initial draft that I had turned in. As these next few weeks go along, I am more prepared to present a more elegant product if I am asked to. I think that the toughness of this has caught me off guard a little and I have to get out of thinking about the military terminology all the time. I think that the big thing here is that I need to make what I turn in easy to understand for all, and I need to look at other things besides the military way of doing it. I would like it if everyone could understand the military terminology, but it is not realistic. I need to use the same technical terms, but at the same time make it to where it is easy to read and everyone can get through the scenario. I can also use other students' examples as a guide to see where we can go with this one. So what I plan to do if I get another chance to revise is rework my diagram to make it simple to understand and try to be a little bit less descriptive on the technical side as well. If no one can understand, then I can see the point why. Thanks again for the opportunity.