dod portable electronic device policy

@E}+d3;lI! "h(;pF`F~*xu4~d!Kfig+VznCoYTJ,;N_ 4 endobj ( Security and Operational Guidance for Classified Portable Electronic Devices (PED), dated 25 Sept 2015 outlines use and operating guidance Requirements derived from Presidential Policy Directive40 and Office of Management and Budget (OMB) Directive 16-01 which mandated creation and distribution of TS collateral mobile devices Advantages DOD Forms Management Program Office of Personnel Management (OPM) Forms including standard, optional, OPM, Retirement & Insurance, Investigations and Group Life Insurance forms General Services. ( ( JFIF PFU ScanSnap Manager #S1500 C &"((&"%$*0=3*-9.$%5H59?ADED)3KPJBO=CDA CA,%,AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA %PDF-1.5 % ( ( ( ( ( D+06`]*u%RNc`6 A new mobile device strategy for the United States Defense Department addresses the need to secure the use of mobile devices for the military but provides few specifics on how to furnish security, at least not in the non-classified version the DoD made public this month. paramount. 30, 1993 (b) CJCSI 6211.02D, "Defense Information Systems Network (DISN) Responsibilities," January 24, 2012 (c) MCO 5239.2B (d) USMC ECSM 005, "Portable Electronic Devices and Wireless . ( This interactive training explains security issues associated with unclassified government-provided and government-authorized mobile devices, as well as personal mobile devices used in a government setting. Portable Electronic Devices means mobile devices capable of electronically storing, accessing, or transmitting . ( ( 0. dod portable electronic device policy. ( ( ( %tj^dR +\=8{.KT0~w]o e&rpz/geaV=g. ( ( ( KDDvCyo2HLUU. 3.b.4. ( ( ( ( Access was denied to the access policy. ( ( Technology (IT) (stand-alone) systems. That information may be on paper, optical, electronic or magnetic media. ( 1 0 obj<> endobj 2 0 obj<>/Font<>/ProcSet[/PDF/Text]/ExtGState<>>> endobj 3 0 obj<>stream Mmi?q~5(\6u+9oW3`4+x#!vrk]KyPU@> o\H'`{Q# *l4=l`;~/.y 4N'@r#^N.zx|q{1lb0FXz'28\! CES HR Operational eGuide ( H*53043V0 B]sK#=c3 0S@DO5Pp The DoD Cyber Exchange HelpDesk does not provide individual access to users. This Instruction implements Air Force Policy Directive . ( endstream endobj 265 0 obj <>stream REF (N) IS DODI 1035.01, TELEWORK POLICY.// ( Want updates about CSRC and our publications? SCOPE AND APPLICABILITY. Wired headphone or headsets without microphones, e.g., with earpiece only, cannot contain noise-cancelling functionality. The device will be remotely wiped of all data and locked to prevent access by anyone other than IT. @O{M(X,.wt>D-+ 7; Subj: REMOVABLE STORAGE DEVICES . endstream endobj 545 0 obj <> endobj 546 0 obj <>/ProcSet[/PDF/Text/ImageC]/XObject<>>>/Rotate 0/StructParents 12/Tabs/S/Type/Page>> endobj 547 0 obj <>>>/Subtype/Form/Type/XObject>>stream Secure .gov websites use HTTPS DOD Acceptable Use Policy . \p>JH`7who ( The host must display signs indicating when personal PEDs are not allowed and provide storage for devices outside the meeting space. ( For NIST publications, an email is usually found within the document. ( ( ( from ( ( REF (D) IS ALNAV 019-16, ACCEPTABLE USE OF AUTHORIZED PERSONAL PORTABLE ELECTRONIC DEVICES IN SPECIFIC DEPARTMENT OF THE NAVY SPACES. Comments or proposed revisions to this document should be sent via email to the . ( ( Additionally, personally owned, external monitors (using VGA, HDMI, or DisplayPort connection, but NOT USB) may be connected to unclassified GFE during authorized telework. ( An official website of the United States government, DLA policy prohibits all personnel from bringing portable electronic devices into agency-owned or controlled spaces approved for storage and processing of classified information. ( USB chargers) Have DoD devices serviced by unauthorized personnel Use DoD procured and/or owned removable storage media on non-government networks and computers Move data between unclassified and classified computing devices using ( ( So in Part 91 operations the PIC, with or without any technical expertise . However, these devices are vulnerable to cyberattack or theft, resulting in exposure of . ( ( ( ( ( 567 0 obj <>/Filter/FlateDecode/ID[]/Index[544 45]/Info 543 0 R/Length 113/Prev 744537/Root 545 0 R/Size 589/Type/XRef/W[1 3 1]>>stream %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz DOD IA and CND Policy DocumentsA-1 Authorization (Accreditation) A-1 Ports, Protocols, and Services (PPS . <>/ExtGState<>/XObject<>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI] >>/MediaBox[ 0 0 612 1008] /Contents 4 0 R/Group<>/Tabs/S/StructParents 0>> portable electronic device (PED) Abbreviation (s) and Synonym (s): PED show sources Definition (s): Electronic devices having the capability to store, record, and/or transmit text, images/video, or audio data. 1 of 1 point True False (Correct!) endobj True The DoD considers a PED to be any portable information system or device that __________. ( Access is . . ( ( SN>+&\uZ2>Uqx D`jxtZ=Y EKje|We_Ty_=QM IzF,|(]jFBSCv-/.^5Yrw:lU]FI ( f. I will not connect any personal IT equipment (e.g. w !1AQaq"2B #3Rbr All SIPRNet connected PEDs must comply with requirements in the "Joint USD(I) and DoD CIO Memorandum, dated 25 September 2015, SUBJECT: Security and Operational Guidance for . ( ( <> Mobile Devices (CMD), Portable Electronic Devices (PED), and laptops are DoD mobile endpoints. REF/A/DOC/ECSM 005/HQMC C4 CY/1JUL2016// under criteria established by an Executive Order or an act of Congress to be kept protected in the interest . REF/N/DOC/DODI 1035.01/04APR2012// ( A. LETTEER/GS15/DC I IC4 ICC CYBERSECURITY/-/TEL(COMM): 7036933490/EML: RAY.LETTEER@USMC.MIL// Updates guidance on use of Portable Electronic Devices (PEDs) and removable media. An organization may choose to dispose of media by charitable donation, internal or external transfer, or by recycling it in accordance with applicable laws and regulations if the media is obsolete or no longer usable. REF/M/DOC/DOD CIO/13APR2020// See Also: Finding a Password Management Solution for Your Enterprise ( ( November 22, 2019. ( ( HVn7}L;muifNCk`P(bzsv\mg4hI3$gwCqw7oZf}},F]8^~XcMrbrs5kV7cnVXKof3G3C?3wuE)] }PD)G}MbY]Ti nSvEY+$#Mn&Dbg5hG"m1Y\:P4B .?hAZUm)^. These include but are not limited to iPhones, iPads and tablets. ( The same rules and protections apply to both. ( Today Comment: All "smart" devices are capable of staying connected full-time to the internet, via satellite, Wi-Fi, cable, etc. (PFrsoj Z( If Portable Electronic Devices (PEDs) are connected to the SIPRNet, all devices must be NSA approved/configured and meet requirements for Data at Rest (DAR) encryption. ( ( 0=( Components should not initiate communications using unapproved commercial collaboration capabilities, but may participate in sessions if initiated by outside partners for public, unclassified purposes. ( 4 0 obj Portable electronic devices can pose a security threat by allowing sensitive or classified information to be compromised. ( As specified in reference (n), teleworkers are accountable for GFE, and must use and protect equipment and information in accordance with DoD and DoD Component procedures. For MCEN-N users, Pulse Secure VPN software provides secure, authenticated access to Marine Corps Non-secure Internet Protocol Router Network (NIPRNet) e-mail services, shared drives, and DoD CAC-enabled websites. ( ( ( REF/E/MEMO/DOD CIO/21APR2016// If you are an administrator, please go to Access Policy >> Reports: All Sessions page and look up the session reference number displayed above. Local Area Network Technologies," July 1, 2016 ( ( ( ( ( ( 0 The IL2 O365 Microsoft Teams environment known as Commercial Virtual Remote (CVR) is an approved, DoD-contracted Microsoft O365 Teams capability for alternative collaboration with other Services. If the spillage of classified information occurs, you must do which of the . ( ( References: a. ( REF/G/DOC/SECNAV M-5510.30/JUN2006// REF/K/MEMO/DON CIO/25FEB2020// endstream endobj 1029 0 obj <. Personnel who knowingly or willfully violate the requirements in this MARADMIN may be subject to a preliminary inquiry in accordance with reference (g) and an incident report in the Joint Personnel Adjudication System, per reference (h). ( POLICY. Exceptions to this policy shall be considered only in unique and rare . 544 0 obj <> endobj %%EOF tO"n#g)]k4J}C-irFU4g&57s T"Y) H ~q+Ok"f[T T ( Do not use NFC to communicate passwords or sensitive data. REF/F/DOC/DODM 5200.01, VOLUME 3/24FEB2016// Government-issued PEDs are allowed in areas approved for open storage and processing of classified information if Wi-Fi and Bluetooth capabilities are disabled. Wired headsets, e.g., a headphone with an integrated microphone, can contain a built-in noise cancelling microphone; however, no other noise-cancelling functionality is permitted. x][o~7 N ( f. Updates guidance on sanitization, declassification, and release of IS . ( The agency has tentatively concluded that this definition sets out the appropriate scope for the types of device Start Printed Page 87671 interfaces that should be covered by the Phase 2 Guidelines, i.e., the interfaces of portable electronic devices that are likely to be used by drivers when driving. (IS) that is provided for USG-authorized use only. <>/ExtGState<>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI] >>/MediaBox[ 0 0 612 792] /Contents 4 0 R/Group<>/Tabs/S/StructParents 0>> Technologies in the DoD Global Information Grid (b) DoD ClO Memo, Introduction andDse of Wearable Fitness Devices Headphones within DoD Accredited Spaces and Facilities Cc) MCO 5239.25 Cd) MCO 3O70.2A Ce) MCO 5100.295 Cf) CXC WASHINGTON DC C4 271630Z May 16 CMARADMIN 274/16) Cg) USMC ECSD 005, Portable Electronic Devices, Ver. ( POC/R. ( 3/4As long as a device is correctly marked it can be connected to a DoD computer. ( ( ( You have JavaScript disabled. ( Definition. OxWWDDU@4R+(d)8"wb >N}AeZ]+Z` EX F|{1hKhY04nE UYXKdbE(M` 8>H;cz'ne1|MGOd6=}$Z. ( 1 0 obj YxTX_~7[@v'9v6GQzB5D\9sO;HeA_F7}r$uQ9"P's3y2p!b]W!N? ( HWr8}W `/c)MeWx` ( ( ( ( ( 2 0 obj Per reference (k), DoD Components must first attempt to leverage DoD enterprise collaboration capabilities, which are approved for use by all DoD users. They take the form of formal directives, instructions,. ( [LEP] hardware. ( ( endstream endobj startxref ( ( ( DoD-provided peripherals, including CAC readers used on non-DoD-issued computers, may be returned and reused. ( ( ( DoD policy states that Federal Government communication systems and equipment (including Government owned telephones, facsimile machines, electronic mail, internet systems, and commercial systems), when use of such systems and equipment is paid for by the Federal Government, will be for official use and authorized purposes only. Exceptions Courses 339 View detail Preview site Acceptable Use Policy - United States . ( This fast paced integration has caused a paradigm shift to occur within DOD and DLA. SUBJECT: Army Directive 2019-23 (Allocation of Wireless Portable Electronic Devices) 1. ( All Marine Corps personnel are hereby authorized, subject to local policy and capability limitations below, to use headphones, microphones, and web cameras (webcams), on unclassified government. ( ( highly portable, electronic media thus creating a potential for theft or loss. REF (E) IS DOD CIO MEMORANDUM, INTRODUCTION AND USE OF WEARABLE FITNESS DEVICES AND HEADPHONES WITHIN DOD ACCREDITED SPACES AND FACILITIES. It is implemented with DoD specific security controls and provides video, voice, and text communication, as well as document sharing tools for Basic Controlled Unclassified Information (CUI). ( The policy applies to civilian and military employees as well as contractors and visitors to DLA. 2 Ch) I MEFO 5101.1 % D!q%. iH~\6; y7tJo$3,H.84,o2f&v3*3>S "'M1|'&L0,.\ P*iDE3 IRq_i6Xd6|7 0 4 0 obj Electronic devices having the capability to store, record, and/or transmit text, images/video, or audio data. ( 3.a.4. ( ( ( ( ( ( DLA Public Affairs. 3.b.6. SUBJECT: Sensitive Compartmented Information Facility (SCIF) Use Policy. Visual indicators will be used to indicate that an unclassified video/voice teleconference is in session within classified spaces, such as sign(s) posted on outer doors. It is DoD policy that: a. Unclassified WLAN systems must be standards-based and IEEE 802.11 compliant in accordance with Paragraph 3.1.a. ( At present, other capabilities, such as commercial Zoom and Zoom for Government, are not authorized options for Marine Corps personnel. ( 266 0 obj <>/Filter/FlateDecode/ID[]/Index[261 7]/Info 260 0 R/Length 36/Prev 554474/Root 262 0 R/Size 268/Type/XRef/W[1 2 0]>>stream No personally owned peripherals will be connected to DoD information systems, whether used within government spaces or during authorized telework. ( DMUC has since evolved to develop, implement and manage the mobility infrastructure that connects devices and applications within the DOD, says Smith. Napster, Kazaa), games or devices on a U.S. Government system. ( < CNSSI 4009-2015 Ref: (a) DoD 5500.07-R Ch 7, "Joint Ethics Regulation (JER)," August . Release authorized by BGen L. M. Mahlock, Director, Information Command, Control, Communications, and Computers (IC4) Division, Deputy Commandant for Information.//, MODIFICATION TO POLICY FOR PORTABLE ELECTRONIC DEVICES, UPDATE FOR CONTROLLED USE IN CLASSIFIED SPACES, UPDATE ON AUTHORIZED TELEWORK CAPABILITIES, Date Signed: 9/9/2020 | MARADMINS Number: 520/20, Hosted by Defense Media Activity - WEB.mil. ( ( Removable media takes many forms today (jump drives, flash memory storage, portable storage devices, etc.). ( ( ( ( ( ( ( 2 0 obj ( %PDF-1.6 % portable electronic devices (PEDs) and mobile computing devices, such as laptops, fitness bands, tablets, smartphones, electronic readers, and Bluetooth devices, have similar features. DoDI 8330.01, Interoperability of Information Technology (IT), Including National Security Systems. Examples of such devices include, but are not limited to: pagers, laptops, cellular telephones, radios, compact disc and cassette players/recorders, portable digital assistant, audio devices, watches with input capability, and reminder recorders. ( REF (G) IS SECNAV M-5510.30, DON PERSONNEL SECURITY PROGRAM. PEDs may also be prohibited by the meeting host in spaces not approved to process classified information where sensitive, unclassified information is being discussed. Electronic devices having the capability to store, record, and/or transmit text, images/video, or audio data. ( ( and guest researchers prior to their arrival to ensure they are familiar with the DEVCOM Chemical Biological Center PED policy. Z,9 ( ( Place electronic devices in checked bags Use unknown computers for charging DoD devices (e.g. Users should consider additional security measures, including limiting/disabling device location features, using strong device passwords, and only using trusted device 3.b.2. ( ( ( ( ( ( MARADMIN 520/20 Mobile devices/portable electronic devices have computing and wireless or Local Area Network (LAN) connectivity capabilities. DLA Director Army Lt. Gen. Darrell Williams recently signed a policy restricting use of PEDs in agency-owned or controlled spaces, Read the latest news from the Energy Major Subordinate Command of the Defense Logistics Agency. ( However, these. hb```, ea8 ( 3.a.5. }0CLs S~D5niELz|P]y^Q3WA? NZDI6(R8+mZgd|JZwZJEZ]6=&MBz. As stated in reference (j), devices using wireless communication (including Bluetooth, cellular or Wi-Fi, or other near field communication) are PROHIBITED unless granted an explicit exception by. ( 5. Federal and DoD regulations that support this standard DoD 8510.1-M ( pBt>Ay'e0&PJQc49@x: 2m(E$40Uw!UDGrY wU,~{fc;m 5Q2x bX]pNC0#;EZd>**&XRckyw9]T1-i*\b!nGr *&4W@3^Xy7XG5_qlHRsk\h r` A3 p]3C%4P%7e4Y\S j!1 nrM-HZ$Hn4,M&*YTZ% # A subsidiary of the American Telephone and Telegraph Company for most of its lifespan, it served as the primary equipment manufacturer, supplier, and purchasing agent for the Bell System from 1881 until 1984, when the system was dismantled. This MARADMIN supplements the direction provided in references (a) through (k), amplifies the direction provided in reference (j), reiterates direction provided in reference (k), and applies to all Marine Corps military, civilian, and support contractor personnel. ( %PDF-1.5 % Portable electronic devices are prohibited for use while operating a vehicle unless a hands-free device, such as a speaker or Bluetooth, is used. 27 Sep 2006 (U//FOUO) Portable Electronic Devices (PEDS) in DIA Accredited Department of Defense (DOD) SCIFS (AKO Access Required) 5 Apr 2007 (U//FOUO) Limited . ( TELEWORK AND COLLABORATIVE TOOLS/CAPABILITIES: ( 0p 2Hs6b S6Ha~xVUKD`0KU"w?\;t'Lt~P'F?~w';`zM+#'B>= ( ( ( ( Effective immediately: ( ( ( If the device is recovered, it can be submitted to IT for re- Student Self-Paced 2. ( As stated in reference (j), internal/embedded microphones and webcams may be enabled/used on unclassified systems; however, an enterprise policy will be enforced on these peripherals, set to auto-disable the peripheral after one hour if not acknowledged by the user. Use of unauthorized commercial collaboration tools or commercial e-mail on GFE is a violation of Marine Corps and DON acceptable use policy, and DoDI 5200.48 policy on handling Controlled Unclassified Information (CUI). ( Medium C AAL 2 Remote . 3.a.6. ( ( ( ( ( ( stream 1.2. ( ( A PED is defined in Army Regulation (AR) 25-2 as portable Information Systems (IS) or devices with the capability of wireless or LAN . ( <>/PageLabels 347 0 R>> ( ( ( ( ]OEA=#-&GZ> q4 0%G_sO>N|;9c =zN6{d$1Q "N4k2/%~0"3y;>0@CDN;b@#`_~~/|M_S ( DoD PKI Policy Identifier (OID) Credential Strength (Per DoDI 8520.03) AAL (NIST 800-63-3) Issuance Approved Uses Medium Mobile PKI Credentials . This STIG applies to any mobile operating system device used to store, process, transmit, or receive DoD information. ( Only government furnished equipment (GFE) approved for acquisition within the U.S government is authorized for use. A covered entity's . ( ( ( ( ( Acronyms are usually formed from the initial letters of words, as in NATO (North Atlantic Treaty Organization), but sometimes use syllables, as in Benelux (short for Belgium, the Netherlands, and Luxembourg), NAPOCOR (National Power Corporation), and TRANSCO (National Transmission Corporation). The proliferation of personal portable electronic devices (PPEDs) in the form of wearable technology has increased dramatically since their introduction in the 1980s. ( S0$0u"x& ( POLICY. ( Portable electronic devices are prohibited in Defense Logistics Agency-owned or controlled spaces approved for storage and processing of classified information, according to a memorandum signed Sept. 25 by DLA Director Army Lt. Gen. Darrell Williams. 3.b. ( ( ( REF (H) IS MCENMSG-UNIFICATION 002-15, WEBCAM AUTHORIZATION ON MCEN-N. REF (I) IS MCENMSG-UNIFICATION 009-15, WEBCAM AUTHORIZATION ON MCEN-S. REF (J) IS MARADMIN 263-20, MODIFICATION TO POLICY FOR PORTABLE ELECTRONIC DEVICES (PEDS). ( ( ( ( ( R(T0T0 BC#CC=#3=cc\}#Cb@. Om aNiwsJ>tWN+lw YhPhaAZ"@K -CxS~HuN*7EJ_cS(&FE!|4aBU[ {(`Dg.,Kg}kb$fg(CIX/Z#x]99z(F)b04[b=&QQ'L+WxS*J^(7tAm=,Q#hGF$t:WK5TtGc9|Pq_Q[slnfL ( <>/Metadata 204 0 R/ViewerPreferences 205 0 R>> ( In classified and unclassified government spaces, or while in use during authorized telework, webcams, microphones, and headphones/headsets must be disconnected and/or disabled when not in use. National Centers of Academic Excellence in Cybersecurity (NCAE-C), Public Key Infrastructure/Enabling (PKI/PKE), Using Mobile Devices in a DoD Environment. ( R 091720Z SEP 20 ( ( endstream endobj startxref Comments about specific definitions should be sent to the authors of the linked Source publication. ( ( ( Comments about the glossary's presentation and functionality should be sent to secglossary@nist.gov. DMUC was created in 2013 by the Defense Information Systems Agency when the DOD needed a way to securely connect users' commercial mobile devices to the agency's email platform. ( By using this IS (which includes any device attached to this IS), you consent to the following conditions: The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring . ( ( 8. ( A mobile device security policy should define which types of the organization's resources may be accessed via mobile devices, which types of mobile devices are permitted to access the organization's resources, the degree of access that various classes of mobile devices may havefor example, ( C\{ I]lL 4O9zm7]V)j3|+%a(2zl;u2z`Ygvy,`uy5Gx^-`].-&>IVG/U%*6_xYQ*0:9E/2cOouf/^71L`"W_?~8^>Y qme)klCOaD$o?c"L&OWvEExVN_o? dod portable electronic device policy. ( DoDD 8100.02, April 14, 2004 3 4.1. ( ( The use of cloud services must be formally authorized by the Marine Corps Authorizing Official (AO) and comply with requirements in the DoD Cloud Computing Security Requirements Guide. An acronym is a word or name consisting of parts of the full name's words. ( peer software (e.g. ( NARR/REF (A) IS MARINE CORPS ENTERPRISE SECURITY MANUAL (ECSM) 005, PORTABLE ELECTRONIC DEVICES AND WIRELESS LOCAL AREA NETWORK TECHNOLOGIES. ( Share sensitive information only on official, secure websites.