[ISN] Boutelle: Army has tight IM security

From: InfoSec News (alerts@private)
Date: Thu Oct 12 2006 - 22:33:19 PDT


By Josh Rogin
Oct. 12, 2006

The Defense Department is unlikely to have any instant messaging 
scandals similar to the one that embroiled Rep. Mark Foley (R-Fla.). In 
the armed forces, misuse of online chatting doesn't just run the risk of 
personal embarrassment; its an issue of national security.

DOD has a strict IM policy consisting of constant monitoring, prevention 
of the use of unapproved programs and enforcement of strict discipline 
when abuses are reported.

Army Chief Information Officer Lt. Gen. Steven Boutelle outlined for 
reporters how the service enforces that policy Oct. 11 at the 
Association for the U.S. Army conference in Washington, D.C.

The service scrubs hard drives automatically to remove any unapproved 
downloaded software, he said. Also, the Army has blocked Internet ports 
that route traffic from sites that provide IM services.

"In my office, if I boot AOL Web based, I can do e-mail, but the minute 
I hit instant messaging, nothing happens, because those ports are 
blocked," Boutelle said.

Even high-level officials such as general officers are not exempt from 
the rules. Mine gets checked like everybody else, he said.

Chat rooms are popular and needed tools for military communications. 
Consequently, they are constantly monitored for inappropriate content. 
But even simple policies head off problems, Boutelle said.

For example, in an Army chat room, your user name is the same as your 
Army e-mail address. This prevents deception and ensures accountability, 
Boutelle said. Also, users can report offensive messages by clicking a 
button on the chat screen. Three such reports will result in a user 
being kicked off the system.

The Army realizes IM technology is ubiquitous and must be managed 
correctly, Boutelle said. "People will be people, and we want to make 
sure they get utility out of it but they dont abuse the system," he 
said. "Theres two sides to this pervasiveness of information."

The Army allows users access only to Bantu, a secure messaging program, 
through its Army Knowledge Online portal. Two years ago, the service 
disallowed the use of AOL Instant Messenger, MSN Messenger, ICQ and 
other programs, Boutelle said.

Eventually, all DOD users will be migrated over to IBM's Lotus Sametime 
suite of collaboration tools, which can be accessed through the Defense 
Information Systems Agency Web portal.

The Joint Task Force, Global Network Operations, oversees coordination 
of DOD's IM policy.

Visit the InfoSec News store!

This archive was generated by hypermail 2.1.3 : Thu Oct 12 2006 - 22:47:32 PDT