AIS SECURITY PROGRAM PLANNING

Following is a suggested outline to use as a basis for planning an AIS security program:

- Perform preliminary planning. Establish an AIS security team to prepare an AIS security program and make responsibility assignments.
- Perform a preliminary risk analysis. This will identify major problem areas.
- Select and implement urgent "quick fix" security measures. This should be done on an as-needed basis.
- Perform and document a detailed risk analysis. This will allow for review and approval.
- Justify cost and document action plans. Based on the approved risk analysis, develop budgets and schedules for the selected security measures, contingency plans, training and indoctrination plans, and test plans.
- Carry out the approved action plans.
- Repeat the detailed risk analysis and subsequent steps regularly, at least annually. Conduct them more frequently if required by the results of tests, inspections, and changes in mission or environment.

AIS SECURITY PLAN DOCUMENTATION

Include adequate documentation in the action plans. For example, the documentation might include the following:

- A security policy statement that provides general guidance and assigns responsibilities;
- A security handbook (with instructions) that describes in detail the security program and procedures and the obligations of AIS personnel, users, and supporting personnel;
- Command standards for system design, programming, testing, and maintenance that reflect security objectives and requirements;
- Contingency plans for backup operations, disaster recovery, and emergency response; and
- Booklets or command instructions for AIS staff indoctrination in security program requirements.

Depending on the normal practices of the AIS facility, these documents may be completely separate items or they may be included in other documents. For example, emergency response plans for the AIS facility might be included in the command's Disaster Control Plan. Similarly, security standards could be added to existing documents.

The final point to be made is the importance of continuing the inspection and review of the security program. A major effort is required for the initial risk analysis, but once it is completed, regular review and updating can be done much more quickly. By evaluating changes in command mission, the local environment, the hardware configuration, and the tasks performed, the AIS technical manager can determine what changes, if any, should be made in the security program to keep it effective.

AUTHORITATIVE REFERENCES

Numerous higher authority instructions relate to physical security, data protection, and security in general. You should have a thorough knowledge of them before implementing any security plan. Refer to the following instructions and manuals to learn about AIS security and when making security decisions:

- Department of the Navy Automatic Data Processing Security Program, OPNAVINST 5239.1 with enclosures;
- Guideline for Automatic Data Processing Risk Analysis, FIPS PUB 65 (enclosure 3 to OPNAVINST 5239.1);
- Department of the Navy Information and Personnel Security Program Regulation, OPNAVINST 5510.1; and
- Department of the Navy Information Systems Security (INFOSEC) Program, SECNAVINST 5239.3.

AIS THREATS AND RISK ANALYSIS

First, when designing its security program, a command must look at the potential AIS threats and perform a risk analysis.

AIS THREATS

When planning a security program, the AIS technical manager should be aware of all the types of threats that may be encountered. Not every Navy AIS facility will be faced with each type of threat, especially if the facility is aboard ship. The impact of a given threat may depend on the geographical location of the AIS facility (earthquakes), the local environment (flooding), the potential value of property or data to a thief, or the perceived importance of the facility to activists, demonstrators, or subversives.

Examples of natural and unnatural threats include:

- Unauthorized access by persons to specific areas and equipment for such purposes as theft, arson, vandalism, tampering, circumventing of internal controls, or improper physical access to information;
- AIS hardware failures;
- Failure of supporting utilities, including electric power, air conditioning, communications circuits, elevators, and mail conveyors;
- Natural disasters, including floods, windstorms, fires, and earthquakes;
- Accidents causing the nonavailability of key personnel;
- Neighboring hazards, such as close proximity to chemical or explosive operations, airports, and high-crime areas;
- Tampering with input, programs, and data; and
- The compromise of data through interception of acoustical or electromagnetic emanations from AIS hardware.

The preceding list of threats to the operation of an AIS facility contains only a few of the reasons why each command should have an ongoing security program adapted and tailored to its individual needs and requirements. Not all threats and preventive measures can be discussed in this chapter. However, we will cover the more common threats and remedial measures. For a thorough review of the subject, refer to the Department of the Navy Physical Security and Loss Prevention, OPNAVINST 5530.14.