AIS MEDIA PROTECTION MEASURES

AIS media protection is important because AIS media is where we store data, information, and programs. All data and information, whether classified or not, require some degree of protection. Software also requires protection. You would not want to lose the only copy of a program you had worked 4 months to write, test, and debug. The amount of protection depends on the classification of data, the type of AIS storage media used, the value of the material on it, and the ease with which the material can be replaced or regenerated.

AIS media includes magnetic tapes, disks, diskettes, disk packs, drums, cathode-ray tube (CRT) displays, hard copy (paper), core storage, mass memory storage, printer ribbons, carbon paper, and computer output microfilm and microfiche. You are responsible for controlling and safeguarding (protecting) the AIS media at all times.

For purposes of control, AIS media can be divided into two types or categories: working copy media and finished media. You will be working with both.

Working copy media is temporary in nature. It is retained for 180 days or less and stays within the confines and control of your activity. Examples of working copy media are tapes and disk packs that are used and updated at frequent intervals and coding forms that are returned immediately to the user after processing.

Finished media is permanent in nature. It includes tapes and disk packs, hard-copy output, or any other AIS media containing data or information to be retained for more than 180 days. Finished media can be released to another activity. For example, a magnetic tape can be sent to another activity as finished media. However, the receiving activity may treat it as working copy media if it is kept 180 days or less.

Of course, AIS media, whether working copy or finished copy, requires the use of security controls.

Security Controls

The security controls we discuss are general in nature and are considered the minimum essential controls for protecting AIS media. Your activity's standard operating procedures (SOPs) are designed to ensure that an adequate level of protection is provided.

Classified working copy media must be dated when created, marked, and protected in accordance with the highest classification of any data ever recorded on the media. If classified working copy media is given to a user, the user is then responsible for its protection.

Classified finished media must be marked and accounted for. You may be responsible for inventorying magnetic tapes, disk packs, and other forms of AIS media. Your activity must maintain a master list of AIS media that is classified as Secret or Top Secret. This master list includes the overall security classification of the media and the identification number permanently assigned to it. The media must also be controlled in the same manner prescribed for classified material outside an AIS environment. For additional information, consult the Department of the Navy Information and Personnel Security Program Regulation, OPNAVINST 5510.1 (hereinafter called the Security Manual).

Security Markings

Your activity will have procedures for marking AIS media. These are important to protect the media from unauthorized, accidental, or intentional disclosure, modification, destruction, or loss. You can imagine how easy it is to pick up an unmarked tape, load it on the tape drive, and have whatever is on it recorded over by a program. You have probably done this to tapes with your tape cassette recorder/player. This is why we have mechanical means, like tape rings and diskette notches, to protect magnetic media. These methods, combined with clearly marked labels, go a long way toward protecting data and programs on magnetic media.

Let's look at the types of markings the Navy uses for the various types of media for marking classified data.

MAGNETIC MEDIA.- Each magnetic tape, diskette, and disk pack must be externally marked with a stick-on label with the overall security classification and a permanently assigned identification number. When the tapes, diskettes, and disk packs are to be declassified by degaussing, all external labels indicating the classification must be removed unless the media will be immediately used to store information of the same classification. Many installations set aside groups of tapes and disks for recording classified data at each security level.

HARD-COPY REPORTS, MICROFILM, AND MICROFICHE.- Hard-copy reports or printouts from a printer, terminal, plotter, or other computer equipment and microfilm and microfiche must be properly marked. Those prepared during classified processing must be marked at the top and bottom of each page with the appropriate classification or the word "unclassified," and each page should be consecutively numbered.

CRT DISPLAYS.- The appropriate security classification marking is displayed at the top of the screen when displaying classified data or information.

Disposition of Media

There comes a time when the media or the information on the media is no longer needed. With microfilm, microfiche, and printouts, we destroy the media with the data. The same is not true of magnetic media. We can erase and reuse the media when the data is no longer needed. However, the media cannot function forever. Tapes and disks become damaged or eventually wear out. When a disk or tape becomes unusable, it must be disposed of. But first, each disk and tape must be accounted for. It may have been used for classified data. The magnetic media librarian will see that it is disposed of properly. If the media contained classified data, it will be degaussed before being destroyed.

There are two other problem areas we tend to forget: printer ribbons and carbon paper. Ribbons and carbon paper must be disposed of properly.

Because of the large variety of ribbons and printers, it is difficult to state with certainty that any and all classified information has been totally obscured from a given ribbon unless you examine that ribbon in detail. Therefore, printer ribbons are controlled at the highest classification of information ever printed by that ribbon until that ribbon is destroyed. The same ribbon is used in the printer for classified and unclassified information consistent with the levels of physical security enforced for the area. Carbons are easily readable and must be handled and disposed of in accordance with the classification of data they contain.

Remember, regardless of what the media is, it must be disposed of in accordance with the Security Manual if it ever contained classified information. Basically, the requirement states that the data must be destroyed beyond recognition. If the media did not contain classified information, follow your activity's standard operating procedures (SOPs).

AIS SECURITY PROGRAM IMPLEMENTATION

The risk analysis and higher authority instructions provide the basis for an AIS security program. Even though implementation of the program depends on local instructions/directives and conditions, it may not be clear just where to begin.
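The media control rules from the Security Controls and Disposition of Media discussion above can be expressed as a small media register. This is an added example, not part of the original manual: the class, function names, step wording, and sample identifiers are assumptions made for illustration, and the Confidential level is included although the page names only Secret and Top Secret.

```python
from dataclasses import dataclass
from enum import IntEnum

class Level(IntEnum):
    UNCLASSIFIED = 0
    CONFIDENTIAL = 1   # standard level; the page itself names only Secret and Top Secret
    SECRET = 2
    TOP_SECRET = 3

MAGNETIC = {"tape", "diskette", "disk pack"}

@dataclass
class Medium:
    ident: str                 # permanently assigned identification number
    kind: str
    retention_days: int
    high_water: Level = Level.UNCLASSIFIED

    def record(self, level):
        """Writing or printing data can raise the marking, never lower it."""
        self.high_water = max(self.high_water, level)

    def category(self):
        # 180 days or less is working copy; anything retained longer is finished
        return "working copy" if self.retention_days <= 180 else "finished"

    def disposal_steps(self):
        # Disks and tapes are accounted for first; classified magnetic media is degaussed
        steps = ["account for"] if self.kind in MAGNETIC else []
        if self.high_water == Level.UNCLASSIFIED:
            return steps + ["follow activity SOP"]
        if self.kind in MAGNETIC:
            steps.append("degauss")
        return steps + ["destroy beyond recognition"]

def master_list(media):
    """Entries required for media classified Secret or Top Secret."""
    return [(m.ident, m.high_water.name) for m in media if m.high_water >= Level.SECRET]

def build_sample():
    # Constructed sample inventory; identifiers are made up for this example
    tape = Medium("T-0001", "tape", 30)
    tape.record(Level.SECRET)
    tape.record(Level.UNCLASSIFIED)    # a later unclassified job does not lower the marking
    ribbon = Medium("R-0007", "printer ribbon", 90)
    ribbon.record(Level.UNCLASSIFIED)
    ribbon.record(Level.TOP_SECRET)    # ribbon stays Top Secret until destroyed
    pack = Medium("D-0042", "disk pack", 365)
    return [tape, ribbon, pack]

if __name__ == "__main__":
    for m in build_sample():
        print(m.ident, m.category(), m.high_water.name, m.disposal_steps())
```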