Maintenance window scheduled to begin at February 14th 2200 est. until 0400 est. February 15th


Forgot Password?

    Or login with Facebook

    IT systems and inspections: A moving target

    IT systems and inspections: A moving target

    Photo By Jennifer Bacchus | Roderick Wilson performs a scan to ensure all computer equipment on the installation...... read more read more



    Courtesy Story

    Anniston Army Depot

    ANNISTON ARMY DEPOT, Ala. -- The Directorate of Information Management is inspected by multiple commands for many different reasons. As the network has grown, so have the scopes of focus for the various inspections.

    Often, the inspections begin with the organization’s accreditation.

    I recall the Defense Information Technology Certification and Accreditation Process of the early 2000s.

    For accreditation, I had to identify every workstation, printer and scanner in every building within the active directory area of responsibility.

    Identification of all operating systems and software in every device was required.

    For example, back then Vista was the operating system for all computers. Special software was noted for each device, such as Adobe software or Citrix, and all systems had to have the latest patches applied.

    Every device also had to have antivirus software with the latest signature files.

    Inspectors required a multitude of documents.

    DITSCAP eventually changed to the Defense Information Assurance Certification and Accreditation Process.

    This system centralized much of the documentation and began adding Security Technical Implementation Guides.

    At the time, each workstation and server had about 110 STIGs for employees to check, ensuring they were applied.

    A good example of a STIG would be a policy of ensuring passwords were of a certain length or a device was Common Access Card-enabled.

    Today. DIACAP is now Risk Management Framework.

    No network gets connected to the outside world unless RMF compliance is met.

    Remaining in RMF compliance has become a full-time job for Anniston Army Depot’s cyber team.

    Today, a workstation list consists of 775 STIGs. Servers have 335. Everything must be have STIGs, including printers, multifunction devices, scanners, switches and routers.

    If ANAD has 5,000 end points on the network (workstations, servers, routers, switches, printers, MFDs, etc.), the installation has almost 3 million STIG checks which must be performed on the network.

    That workload comes in addition to the scans for operating system and other software patches. Even routers, switches, printers and MFDs have operating systems and require upgrades.

    RMF has a database for documents, Enterprise Mission Assurance Support Service. At any given time, there are approximately 200 documents in the system for our network alone.

    As you can see, DOIM and its Cyber Team have their work cut out for them.

    The Defense Information Systems Agency, also known as DISA, is one of our inspecting agencies.

    DISA determines whether or not an installation can connect to the Army network and they ensure the RMF Accreditation is approved.

    The RMF Accreditation is typically the first thing the DISA inspection team requests after their arrival.

    They will then scan the operating systems, audio/visual devices and perform separate scans on STIG compliance for every device.

    DOIM is inspected by the U.S. Army Tank-automotive and Armaments Command, Army Materiel Command, the Network Enterprise Technology Command, Signal Corps, Department of the Army Inspector General, DISA teams, Communication Security and, most recently, the Army Cyber Command.

    These organizations don’t have to give notice for inspections. They will show up at the gate and say, “We are here to scan your networks and inspect your IT systems.”

    You may wonder how you can help.

    • Ensure your device is plugged into the network and powered up. This helps ensure systems are getting their STIGs, patches and upgrades through the network. If a device falls off and we run a scan, we will find it non-compliant and we must quarantine it.

    • Never leave your CAC unattended. If an inspector finds a CAC unattended, you automatically fail the inspection.

    • If you question if your device is up-to-date or receiving patches, contact the Help Desk at Ext. 4357.

    • Follow the guidelines of your signed Acceptable Use Policy. Please do not go to suspect sites. You may try to go to a site and it is blocked. This is usually for a good reason. Malware is everywhere on the network.

    • Remember, no system is safe from attack, thus the constant updates and patches. Even stand-alone devices are not completely safe.

    We must be vigilant in protecting our IT systems and we appreciate your help. Please read your signed user agreement and follow the guidelines in it.

    If you have questions, contact the DOIM Help Desk at Ext. 4357.



    Date Taken: 03.19.2020
    Date Posted: 03.19.2020 11:29
    Story ID: 365496
    Location: AL, US

    Web Views: 149
    Downloads: 0
    Podcast Hits: 0