Suche innerhalb des Archivs / Search the Archive All words Any words

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[] US-Army Webseiten enthielten geheime Informationen,

Web audit pings Army 

 BY Dan Caterinicchia 
 June 10, 2002

 An audit by the Defense Department's inspector general found that the
Army's publicly accessible Web sites contained "inappropriate
information" and recommends numerous steps the service should take to
remedy the situation.

 The audit, conducted from May 2001 through January of this year and
released June 5, included findings from DOD's Joint Web Risk Assessment
Cell, in addition to DOD IG Web site reviews. 

 From June through August of last year, the joint cell identified 77
public Army sites that contained inappropriate information, including: 

 * 14 examples of operational plans.
 * 4 cases of personal information.
 * 48 instances of policies and procedures on military operations.
 * 11 documents marked "For Official Use Only."

 The IG examined Web site administration at the Army Forces Command, the
Army Training and Doctrine Command (Tradoc) and 11 other organizations
and found that "sites under the control of both commandsÖcontained
information prohibited by Army Web policy." 

 Examples included Forces Command sites containing birth dates, family
information, personal e-mail addresses, new equipment fielded, exercise
data or inappropriate links to commercial sites, and Tradoc sites with
similar breaches, as well as inappropriate language. 

 Officials told the DOD IG that the information would be removed. 

 The report includes numerous recommendations for the Army chief
information officer's office, including:

 * Require major commands to document periodic policy compliance reviews
of publicly accessible Web sites, report those findings to the CIO and
establish a follow-up system to resolve discrepancies identified.

 * Coordinate with Tradoc to establish a training requirement and
curriculum for Army Web administrators and require that administration
personnel be trained before being assigned Web duties.

 The Army's director of enterprise integration, Miriam Browning,
responded on behalf of the service, although the report does not name
her by name, referring only to her title and responses from "the
director" or "she."

 Browning partially concurred with the recommendation that commands
periodically review their public sites but said it was unnecessary for
major commands to report results of those reviews to the CIO. 

 Instead, she advocated that report submissions go "through the chain of
command from organizations that have been notified of specific
violations on their Web sitesÖthe requirement of ad hoc reporting to the
[CIO] on the violations that have been identified would be continued."

 Browning generally agreed with the other recommendations. 

 The DOD IG released a report with similar findings earlier this year on
the Air Force, although it did commend the Air Force for its Web
training program as a "lesson learned" in the Army report.

Liste verlassen: 
Mail an infowar -
 de-request -!
- infopeace -
 de mit "unsubscribe" im Text.