V-245727

Discussion

Failure to properly encrypt classified data in transit can lead to the loss or compromise of classified or sensitive information. REFERENCES: 32 CFR 117 and 32 CFR 2001 and 2003 as well as DOD Manual 5220.32 Volume 1 DOD Manual 5200.01, Volume 3, 24 February 2012, SUBJECT: DOD Information Security Program: Protection of Classified Information: Encl 4, para 1.a. Encl 4, para 3.b. and 4.a. Encl 4, para 8. Encl 7, para 13.e. NIST Special Publication 800-53 (SP 800-53), Rev 4, Controls: AC-17(2) and SC-8 NSA/CSS Policy Manual 3-16, Sections III, VI, X and XI DOD Instruction 8523.01, Communications Security (COMSEC), April 22, 2008, paragraph 6.1. CJCSI 6510.01F, INFORMATION ASSURANCE (IA) AND SUPPORT TO COMPUTER NETWORK DEFENSE (CND), Enclosure C, paragraph 35. CNSSI No.7003, September 2015, Protected Distribution Systems (PDS), SECTION IV - POLICY, paragraphs 6, 7 and 8.

Check Content

GENERAL REQUIREMENT: Classified information shall be transmitted by electronic means over an approved secure communications system authorized by the Director, NSA, or a Protected Distribution System (PDS) designed and installed to meet the requirements of Committee on National Security Systems Instruction (CNSSI) 7003. This applies to voice, data, message (both organizational and email), and facsimile transmissions. 

CHECK: Where classified (SIPRNet) transmissions are outside of an area approved for unprotected transmission check that the cryptographic system is designed and installed IAW NSA approved guidelines. Generally an area not approved for unprotected SIPRNet transmissions will be any transmission through an area that is not a SCIF, Secret or higher Vault or Secure Room or Secret or higher Controlled Access Area (CAA).

NOTES:

1. This check is applicable in a tactical environment regardless if the unprotected SIPRNet transmission line is located within a fixed facility, or field/mobile environment.

2. This check is NA if the unencrypted signal is installed in a proper Protected Distribution System (PDS).