Library > Web Policy > Bulletin Boards and Web Sites
DTG: 111618Z MAR 97
FROM: HQ USAF WASHINGTON DC//SC//
TO: ALMAJCOM-FOA//CV/SC/DO/LG/IN/XP/DP/IG/SG/PA/HO/DR//
UNCLAS
SUBJECT: AIR FORCE ELECTRONIC BULLETIN BOARDS AND INTERNET WORLD
WIDEWEB HOME PAGES
1. PLEASE ENSURE WIDEST DISSEMINATION OF THIS MESSAGE TO YOUR
SUBORDINATE COMMANDERS.
2. A RECENT AUDIT REVEALED PROBLEMS IN CONTROLLING ELECTRONIC
BULLETIN BOARDS AND INTERNET WORLD WIDE WEB HOME PAGES. THIS
MESSAGE HIGHLIGHTS THESE PROBLEMS AND PROVIDES GUIDANCE TO PREVENT
THEM.
3. PROBLEM: SEVERAL INSTALLATIONS ESTABLISHED BULLETIN BOARDS
AND HOME PAGES WITHOUT FIRST ESTABLISHING AND VALIDATING THE REQUIREMENT
FOR THEM AND WITHOUT OBTAINING DESIGNATED APPROVING AUTHORITY
(DAA) APPROVAL.
A. ESTABLISHING ELECTRONIC BULLETIN BOARDS AND HOME PAGES WITHOUT
A VALID REQUIREMENT WASTES VALUABLE COMPUTER AND PERSONNEL RESOURCES.
B. PROCESS REQUIREMENTS FOR ELECTRONIC BULLETIN BOARDS AND
HOME PAGES THROUGH THE SUPPORTING COMMUNICATIONS UNIT. ESTABLISHING
BULLETIN BOARDS AND HOME PAGES WITHOUT OBTAINING DAA APPROVAL
VIOLATES AF DIRECTIVES AND NEEDLESSLY EXPOSES SYSTEMS TO HACKER
ATTACK AND INAPPROPRIATE USE. THE DAA IS THE OFFICIAL WITH THE
AUTHORITY TO FORMALLY ASSUME RESPONSIBILITY FOR OPERATING THESE
SYSTEMS BASED ON ATTAINING AN ACCEPTABLE LEVEL OF RISK. AIR
FORCE POLICY (AFI 33-112) REQUIRES DAA APPROVAL FOR ELECTRONIC
BULLETIN BOARDS AND HOME PAGES. THE DAA, WITH ASSISTANCE FROM
THE CERTIFYING OFFICIAL AND WING INFORMATION PROTECT OFFICE,
EVALUATES REQUIREMENTS,VERIFIES SECURITY SAFEGUARDS, AND PROVIDES
DEFINITIVE DIRECTION TO ENSURE SECURITY OF THESE SYSTEMS.
4. PROBLEM: SEVERAL HOME PAGES DISPLAYED OR PROVIDED LINKS TO
INAPPROPRIATE INFORMATION. FOR EXAMPLE, ONE HOME PAGE HAD POINTERS
TO COMMERCIAL SLEAZE AND GOSSIP WEB SITES.
A. LINKS TO THIS INAPPROPRIATE INFORMATION BRING DISCREDIT
TO THE AIR FORCE AND MAY BE CONSTRUED AS OFFICIAL AIR FORCE ENDORSEMENT
OF THESE ACTIVITIES.
B. WE NEED CLOSE PERSONAL ATTENTION OF THE ACCOUNTABLE SUPERVISORS
AND COMMANDERS TO PREVENT THIS FROM HAPPENING. SUPERVISORS AND
COMMANDERS NEED TO REMIND THEIR PEOPLE THAT THEY LEAVE "ELECTRONIC
FOOTPRINTS" WHEN THEY NAVIGATE THE "INFORMATION SUPER
HIGHWAY."
5. PROBLEM: SEVERAL HOME PAGES DISPLAYED UNAPPROVED INFORMATION.
FOR EXAMPLE, ONE HOME PAGE DISPLAYED THE TYPES OF WEAPONS STORED
IN THAT INSTALLATION'S ARMORY. OTHER HOME PAGES DISPLAYED INFORMATION
PROTECTED UNDER THE PRIVACY AND FREEDOM OF INFORMATION ACTS.
A. RELEASING INFORMATION WITHOUT PROPER APPROVAL VIOLATES AF
DIRECTIVES AND PUBLIC LAW (IN THE PRIVACY ACT CASE) AND IS BOTH
EMBARRASSING AND DETRIMENTAL TO THE AIR FORCE.
B. REVIEWS BY THE APPROPRIATE PUBLIC AFFAIRS OFFICE ARE REQUIRED
AND WILL HELP PROTECT THE U.S. GOVERNMENT, THE DOD, AND THE INDIVIDUAL
DOD MEMBERS.
6. PROBLEM: SEVERAL INSTALLATIONS ALLOWED UNCONTROLLED ACCESS
TO INAPPROPRIATE INFORMATION.
A. COMMANDERS AND SUPERVISORS NEED TO EDUCATE AND ENSURE THEIR
PERSONNEL USE THE INTERNET FOR OFFICIAL AND AUTHORIZED PURPOSES.
B. AUTHORIZED USE MEANS THAT THE INTERNET USER'S SUPERVISOR
(WHO IS A COMMISSIONED OFFICER OR CIVILIAN GS-11 OR ABOVE IN
THE USER'S CHAIN OF COMMAND), IAW THEATER CINC AND MAJCOM POLICIES,
CAN PERMIT PERSONAL USE OF THE INTERNET UNDER THE FOLLOWING CONDITIONS:
(1). THE USE DOES NOT ADVERSELY AFFECT THE EMPLOYEE'S PERFORMANCE
OF DUTIES.
(2). THE USE IS OF REASONABLE DURATION AND FREQUENCY AND,
WHENEVER POSSIBLE, IS MADE DURING THE MEMBER'S PERSONAL TIME
(NON-DUTY HOURS).
(3). THE USE SERVES A LEGITIMATE PUBLIC INTEREST, SUCH AS
KEEPING MEMBERS AT THEIR WORKSTATIONS, IMPROVING MORALE, ENHANCING
PROFESSIONAL SKILLS, OR FURTHERING EDUCATION.
(4). THE USE DOES NOT REFLECT ADVERSELY ON THE AIR FORCE
(INCLUDING BUT NOT LIMITED TO, USES INVOLVING PORNOGRAPHY OR
ANY OTHER USE THAT IS INCOMPATIBLE WITH PUBLIC SERVICE OR AIR
FORCE POLICY).
(5). THE USE DOES NOT OVERBURDEN THE COMMUNICATIONS SYSTEM
AND DOES NOT CREATE SIGNIFICANT ADDITIONAL COSTS TO THE AIR
FORCE.
7. USE THE GUIDANCE IN AFI 33-129, TRANSMISSION OF INFORMATION
VIA THE INTERNET. THIS INSTRUCTION DEFINES THE ROLES AND RESPONSIBILITIES
OF PERSONNEL USING AND MAINTAINING INTERNET ACCESS. IT ALSO OUTLINES
RESPONSIBILITIES AND PROCEDURES FOR ACCESSING INFORMATION AND
PROPERLY ESTABLISHING, REVIEWING, POSTING, AND MAINTAINING GOVERNMENT
INFORMATION ON THE INTERNET.
8. YOUR PERSONAL ATTENTION TO THESE INTERNET ISSUES IS NECESSARY
TO PRECLUDE THE MISUSE OF GOVERNMENT RESOURCES, ENSURE THE PROTECTION
OF OUR INFORMATION AND COMMUNICATIONS SYSTEMS, AND TO PROTECT
THE IMPORTANT INFORMATION IN OUR SYSTEMS.
9. POC AT HQ USAF/SCXX IS LT COL FRANK MCGOVERN, DSN: 224-9287,
E-MAIL: MCGOVERF@AF.PENTAGON.MIL; POC AT SAF/PA IS CAPT
TERRY BOWMAN, DSN: 225-8561, E-MAIL: BOWMANT@AF.PENTAGON.MIL.
|