Information assurance program manual table of contents

Suggestions on How to Avoid Laptop Computer Theft

Download 189.31 Kb.

Page	8/8
Date	18.10.2016
Size	189.31 Kb.
	#2766

1 2 3 4 5 6 7 8

Suggestions on How to Avoid Laptop Computer Theft
The size and portability of laptop computers and many electronic devices make them especially vulnerable to theft. Staff is held personally responsible for any command laptop computer, equipment and/or accessories that are stolen during the time they are assigned to them. Below are some tips on protecting a laptop and other electronic equipment from being stolen:

Do not leave a laptop or any electronic equipment in an unattended vehicle, even if the vehicle is in your driveway or garage.

Never leave the equipment in plain sight.

When traveling, carry your laptop/electronic equipment in a nondescript carrying case or bag.

Take your laptop/electronic equipment with you when you leave a meeting or conference room, do not leave it unattended.

Never check a laptop or electronic equipment as luggage at the airport.

Lock the laptop/electronic equipment in your office, classroom, cabinet or desk during off-hours when possible.

If a theft does occur, immediately notify TTGL CDO, IAM or IAO.

LAPTOP/NOTEBOOK COMPUTER ISSUE CONTROL RECORD

MANUFACTURER

____________

MODEL

_____

SERIAL NUMBER

______________

IS CONTROL NR

_____________

AUTHORIZED SOFTWARE:

OPERATING SYSTEM:

APPLICATION SOFTWARE:

SECURITY ACKNOWLEDGEMENT:
I hereby acknowledge receipt of the above laptop/notebook computer.
I certify that I fully understand my responsibilities associated with the care and security of the laptop/notebook computer in my custody.
I understand my individual responsibility to protect this computer system from loss or theft, and certify that this equipment will not be used to store or process classified or sensitive information unless specifically authorized by the CO. I am also responsible for removing unnecessary or outdated data from this equipment upon its return.
I understand that it is my responsibility to report any instances, which may represent, or are perceived to represent, a threat to the integrity or this computer system to the TACTRAGRULANT Information System Security Manager (IAM).
I understand that only approved software designated by TACTRAGRULANT 5239.3 is authorized for use on this computer system. “Software” is interpreted as any information recorded on magnetic media to include data files, source code and executable code.
I understand that “Periods Processing” on this computer must be specifically authorized by the command IAM and in strict compliance with TACTRAGRULANT 5239.3

NAME	RANK/RATE	SSN(Last 4)	DIV/DEPT	SIGNATURE	DATE OUT	DATE IN


___________	_________	_________	________	__________	________	________

Exhibit 5 – Personal/Command Laptop Authorization

PERSONAL/COMMAND LAPTOP AUTHORIZATION RECORD
Manufacturer		Model		Serial Number			Command/Department		Division
Operation System: Hardware: Software:						Navy anti-Virus Program Installed: Yes No __________ Wireless/Bluetooth Disabled: Yes ___________ No __________
SECURITY ACKNOWLEDGEMENT: 1. I certify that I fully understand my responsibilities associated with bringing a personal laptop onboard TACTICAL TRAINING GROUP ATLANTIC. 2. I understand that TACTICAL TRAINING GROUP ATLANTIC is not responsible for any loss or theft, and certify that this equipment will not be used to store or process classified or sensitive information. I further understand that if any classified or sensitive information is discovered on my personal laptop, that it may be confiscated, sliced (all data deleted), and if necessary, held as evidence if any criminal wrongdoing is suspected. 3. I understand that it is my responsibility to report any instances, which may represent, or are perceived to represent, a threat to the integrity of TACTICAL TRAINIG GROUP ATLANTIC IS’ to the Information system security manager (IAM). 4. Personal laptops will not be connected to any command ISs nor will they connect by wireless means to any external internet service provider (ISP) or WiFi spot while onboard TACTICAL TRAINING GROUP ATLANTIC. 5. I will not re-enable wireless or bluetooth devices while onboard TACTICAL TRAINING GROUP ATLANTIC. 6. No work related data is authorized to pass between command ISs and personal laptops. 7. No personal magnetic media will be introduced into TTGL Network assets.
Name	Rank/Rate		SSN		Command			Signature	Date Out	Date In
Authorizations:
TTGL Admin			Signature						Date
SECMGR (If Required)			Signature						Date
IAM			Signature						Date

Exhibit 6- Procedures for monitoring NETWORK INTRUSION DETECTION SYSTEM (NIDS)

Network Intrusion Detection System (NIDS) is an intrusion detection system that attempts to discover unauthorized access to a computer network by analyzing traffic on the network for signs of malicious activity. TTGL is equipped with a CISCO series ASA 5512-x IPS which combines inline prevention services with innovative technologies to improve accuracy.

Even though TTGL actively monitor the NIDS, as our service provider, Navy Warfare Development Command monitors TTGL traffic also. In the event there is an intrusion or malicious activity is discovered, TTGL N6 computer floor could be contacted by NWDC and NCDOC directly.

The following actions should be taken upon indication or notification of an incident.

Inform the IAM or IAO.
System Administrator, conduct full virus scan on Network.
1. Determine if the Network has been infected with a virus, worm, trojan, or if a spillage has occurred. If either one has occurred implement incident response procedures per Exhibit 1.
Contact Computer Network Defense Service Provider/Navy Cyber Defense Operations Command (CNDSP/NCDOC) Naval computer incident response team. The CNDSP/ NCDOC personnel can provide technical assistance and reporting guidance in response to computer security incidents. They do not have legal expertise and cannot offer legal advice or opinions. NCIS agents are available at the CNDSP, if necessary.
Notify other interested elements within the command. In addition to notifying the CO and legal counsel, you may also need to notify others who may be directly affected.
Document all of the steps you take in systems or data recovery. The importance of documenting every step taken in recovery cannot be overstated.
Regain control per Exhibit 1.
Incident Reporting. The preferred method is via the NCDOC webpage.

Contact the NCDOC

Mailing address:

Commanding Officer

Network Computer Defense Operations Center

2555 Amphibious Drive

Norfolk, VA 23521-3225

Phone: Comm: (757) 417-4024, DSN (312) 537-4024
NCDOC Hotline: 1-888-NAVCDOC or 1-888-628-2362
Unclas fax: (757) 417-4031

Class fax: (757) 417-4064

STU/STE (312) 537-7592/ (757) 417-7952
NIPRNET: https://www.ncdoc.navy.mil

E-mail: ncdoc@ncdoc.navy.mil

SIPRNET: http://www.ncdoc.navy.smil.mil/forms.php

E-mail: cndwo@ncdoc.navy.smil.mil

Enclosure (1)

Directory: fltfor
fltfor -> Nmci homeport – Outlook Web Access (owa) Using Microsoft Outlook Web Access (owa)
fltfor -> Captain samuel Norton, usn
fltfor -> Importance: Low unclassified

Download 189.31 Kb.

Share with your friends:

1 2 3 4 5 6 7 8