Jump to content

UPDATED POLICY FOR THE USE OF EMBEDDED COMPUTER CAPABILITIES AND PERIPHERALS TO SUPPORT TWO-WAY COLLABORATION


Recommended Posts

UNCLASSIFIED//

ROUTINE

R 201903Z MAY 20 MID110000716460U

FM CNO WASHINGTON DC

TO NAVADMIN

INFO CNO WASHINGTON DC

BT
UNCLAS

NAVADMIN 148/20

PASS TO OFFICE CODES:
FM CNO WASHINGTON DC//N2N6//
INFO CNO WASHINGTON DC//N2N6//

MSGID/GENADMIN/CNO WASHINGTON DC/N2N6/MAY//

SUBJ/UPDATED POLICY FOR THE USE OF EMBEDDED COMPUTER CAPABILITIES AND 
PERIPHERALS TO SUPPORT TWO-WAY COLLABORATION//

REF/A/MEMO/DOD SISO/1MAY20//
REF/B/MEMO/DEPSECDEF/22MAY18//
REF/C/MEMO/DOD CIO/21APR16//
REF/D/MEMO/N2NGI/26OCT15//
REF/E/INST/ICD 705/27SEP17//
REF/F/MEMO/DOD CIO/13APR20//

NARR/REF A IS DEPARTMENT OF DEFENSE (DOD) SENIOR INFORMATION SECURITY OFFICER
(SISO) MEMORANDUM ON GUIDANCE FOR THE USE OF EMBEDDED COMPUTER CAPABILITIES 
AND EXTERNAL COMPUTER PERIPHERALS IN TELEWORK ENVIRONMENTS.  
REF B IS DEPUTY SECRETARY OF DEFENSE MEMORANDUM ON MOBILE DEVICE RESTRICTIONS 
IN THE PENTAGON.  
REF C IS DOD CIO MEMORANDUM ON INTRODUCTION AND USE OF WEARABLE FITNESS 
DEVICES AND HEADPHONES WITHIN DOD ACCREDITED SPACES AND FACILITIES.  
REF D IS DEPUTY DIRECTOR OF NAVAL INTELLIGENCE MEMORANDUM ON DEPARTMENT OF 
THE NAVY SENSITIVE COMPARTMENTED INFORMATION FACILITY PERSONAL PORTABLE 
ELECTRONIC DEVICES CLARIFICATION MEMORANDUM.  
REF E IS INTELLIGENCE COMMUNITY DIRECTIVE (ICD) 705 TECHNICAL SPECIFICATIONS 
FOR CONSTRUCTION AND MANAGEMENT OF SENSITIVE COMPARTMENTED INFORMATION 
FACILITIES V 1.4. 
REF F IS DOD CHIEF INFORMATION OFFICER (CIO) MEMORANDUM ON AUTHORIZED 
TELEWORK CAPABILITIES AND GUIDANCE.// 
POC1/SUSAN BRYERJOYNER/CAPT/OPNAV N2N6G5/EMAIL:  
SUSAN.BRYERJOYNER1(AT)NAVY.MIL
/TEL:  571-256-8422//
POC2/RANDY AKERS/DON INFOSEC/EMAIL:  RANDY.AKERS(AT)NAVY.MIL
/TEL:  703-601-0477//
POC3/MARK LAWTON/NAVY SSO/EMAIL:  MARK.LAWTON1(AT)NAVY.MIL/TEL:  703-604-
5736// POC4/DEIDRA BASS/NAVINTEL ISSM/EMAIL:  DEIDRA.BASS(AT)NAVY.MIL
/TEL:  (301) 669-3213//
POC5//ROBERT NITZENBERGER/DON SAP SENIOR AUTHORIZING OFFICIAL
/EMAIL:  ROBERT.NITZENBERGER(AT)NAVY.MIL/TEL:  (202) 284-1301//

RMKS/1.  This NAVADMIN consolidates guidance from references (a) through (f) 
to provide one authoritative policy for the use of embedded computer 
capabilities and peripherals to support collaboration in telework 
environments and government workspaces (unclassified, classified, collateral 
classified, Sensitive Compartmented Information Facility (SCIF), and Special 
Access Program (SAP)).  For the purpose of this NAVADMIN, the following 
definitions are provided:
    a.  Computers are electronic devices that store and process data (e.g.
desktop/laptop, tablets, smartphones).
    b.  Embedded computer capabilities are a combination of built-in hardware 
and software designed to provide a specific function (e.g. built-in web 
cameras, microphones, Wi-Fi).
    c.  Computer peripherals are external devices (e.g. common access card 
(CAC) readers, web cameras, microphones, keyboards, mice, monitors, printers) 
that are physically or wirelessly (e.g. Wi-Fi, Bluetooth) connected to 
computers.

2.  Embedded computer capabilities  Use on Navy-issued computers.
    a.  Authorized in telework environments and unclassified government 
workspaces only.
    b.  Prohibited in any classified government workspaces, per reference 
(a).
    c.  The following authorities are responsible for establishing processes 
for enabling prior to telework and disabling prior to re-introducing these 
computers back into higher classified workspaces (collateral classified, 
SCIF, and SAP):
        (1) For collateral classified spaces, up to the Top Secret level, the 
Navy Senior Information Security Officer (SISO) is the approval authority and 
will coordinate with the Deputy Undersecretary of the Navy, as required.
        (2) For Navy-accredited SCIFs, the Special Security Officer (SSO), 
with concurrence from the Naval Intelligence (NAVINTEL) Command Information 
Officer (CIO), is the approval authority.  Navy commands that use SCIFs 
accredited by other agencies (e.g. NSA, DIA) shall comply with guidance from 
those agencies.
        (3) For Navy-accredited SAP Facilities (SAPFs), the Director, DON SAP 
Central Office (SAPCO) is the approval authority.  Navy commands that use 
SAPFs accredited by other agencies (e.g. NSA, DIA) shall comply with guidance 
from those agencies.

3.  Navy-issued peripherals.
    a.  Telework environments.
        (1) Authorized on personally-owned computers.
    b.  Unclassified workspaces.
        (1) The use of headsets with microphones and web cameras in 
unclassified government workspaces is restricted to training and mission 
essential tasks that require two-way communication.  They are NOT authorized 
for unofficial use.
    c.  Collateral classified workspaces.
        (1) Authorized up to the Top Secret level, to include common, 
restricted and collateral open storage areas, with the following limitations:
            (a) Reference (b) remains in force for mobile devices in any 
Pentagon workspace that is designated or accredited for the processing, 
handling, or discussion of classified information.
            (b) Must be government procured using the network provider 
Approved Products List (APL).
                1.  Effective immediately, commands will only procure 
peripherals contained on APLs established by their network providers.
                    a.  NMCI APL can be accessed at 
https://www.homeport.navy.mil/services/downloads/nmcicertifieddevicelist.xls
                    b.  ONEnet APL can be accessed at 
https://navyonenet.com/navy-one-net-products/
                2.  Previously procured peripherals that do not comply with 
this NAVADMIN will be replaced as soon as fiscally feasible, but not later 
than 31 December 2020.
            (c) Headsets without microphones, per reference (c):
                1.  Must be unplugged when not in use.
                2.  Must be wired.
                3.  May use either a 3.5mm audio jack or USB port.
                4.  Cannot contain noise-cancelling functionality.
                5.  May be used on a system with any classification level, 
and once disconnected, are not considered classified.
            (d) Headsets with microphones, per reference (c):
                1.  Must be unplugged when not in use.
                2.  Must be wired.  (Push to talk preferred, if available.)
                3.  May use either a 3.5mm audio jack or USB port.
                4.  Cannot contain noise-cancelling functionality.
            (e) Web Cameras
                1.  Use must be approved by the appropriate authority 
identified in para 2 above.
                2.  May only be used on systems at the classification level 
of the space.  For example, in a collateral SECRET open storage area an 
external web camera may be connected to the SECRET workstation only.
                3.  Waivers regarding use of external web cameras on 
workstations at a lower classification level than the workspace may be 
approved on a case-by-case basis by the Navy SISO for select situations (e.g. 
offices with doors).
    d.  Navy-accredited SCIFs.
        (1) May be authorized by the Navy SSO or Navy Regional SSO (RSSO) on 
a case-by-case basis, with the following limitations:
            (a) Reference (b) remains in force for mobile devices in any 
space in the Pentagon that is designated or accredited for the processing, 
handling, or discussion of classified information.
            (b) All peripherals used in SCIF workspaces must be government 
procured using the network provider APL.
                1.  Effective immediately, commands will procure only 
computer peripherals contained on approved products lists established by 
their network providers.
                2.  Previously procured peripherals (e.g. headsets, web 
cameras, microphones, etc.) used in classified spaces will be replaced as 
soon as fiscally feasible, but not later than 31 December 2020.
            (c) Headsets without microphones.
                1.  Must be unplugged when not in use.
                2.  Must be wired.
                3.  May use either a 3.5mm audio jack or USB port. If the 
headsets connect via a USB port, the Navy SSO will coordinate with the NIA 
CIO prior to issuing a determination.
                4.  Headsets cannot contain noise-cancelling functionality.
                5.  Per reference (d), headsets must be government procured.
                6.  May be used on a system with any classification level, 
and once disconnected, are not considered classified.
            (d) Headsets with microphones.
                1.  Must be unplugged when not in use.
                2.  Must be wired and have push to talk capability.
                3.  May use either a 3.5mm audio jack or USB port.  If the 
headsets connect via a USB port, the Navy SSO will coordinate with the Naval 
Intelligence Activity (NIA) CIO prior to issuing a determination.
                4.  Headsets cannot contain noise-cancelling functionality.
                5.  Per reference (d), headsets must be government procured.
            (e) Web Cameras
                1.  Per reference (e), recording capabilities and restricted 
technologies (e.g. audio and video recorders, cameras, microphones, and 
devices with USB connectivity) introduce vulnerabilities to information and 
therefore impact SCIF security.
                2.  Cameras are considered medium risk portable electronic 
devices and may be allowed in a SCIF with approval of the CSA or Navy SSO, 
with concurrence of the NAVINTEL CIO with appropriate mitigations in place.
                3.  Reference (e) does not distinguish between digital and 
web cameras.  Direct all waiver requests to the Navy SSO.
    e.  Navy-accredited SAPFs.
        (1)  May be authorized by the Director, DON SAPCO on a case-by-case 
basis.

4.  Personally-owned peripherals, wired or Bluetooth-enabled  Use on Navy-
issued computers.
    a.  Not authorized in any classified workspaces.
    b.  Authorized in telework environments and unclassified government 
workspaces, with the following exceptions:
        (1) Per reference (a), peripherals manufactured by any source that is 
designated by Navy or the Defense Information Systems Agency (DISA) as being 
prohibited are not allowed.  This includes any company prohibited by law, to 
include Huawei, Zhong Xing Telecommunication Equipment (ZTE), Hikvision, 
Hytera, and Dahua.  (NOTE:  Users are encouraged to use the DISA APL at 
https://disa.deps.mil/org/SE6/Lists/APL/AllItems.aspx to inform their 
personal peripheral procurements).
        (2) Per reference (a), storage devices (e.g. Universal Serial Bus 
(USB) memory sticks, hard drives, digital cameras, etc.) are prohibited.
        (3) Per reference (a), external monitors are prohibited, when using 
USB connections.
            (a) Per reference (a), external monitors using VGA, DVI, HDMI, or 
Display Port connections, provided they do not have any memory storage 
capabilities, are authorized.
        (4) Per reference (f), any personally-owned device that provides 
print functions, including multi-function devices, are prohibited.

5.  This NAVADMIN will remain in effect until cancelled or superseded.

6.  Released by VADM Matthew J. Kohler, Deputy Chief of Naval Operations for 
Information Warfare, OPNAV N2N6.//

BT
#0001
NNNN
UNCLASSIFIED//
 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Who's Online   0 Members, 0 Anonymous, 16 Guests (See full list)

    • There are no registered users currently online
  • Latest Posts

    • Tony
      The FBI has contacted a Navy veteran, Richard Osthoff, as part of an investigation into embattled Rep. George Santos and a GoFundMe campaign to raise money for Osthoff's sick service dog. Osthoff confirmed the call from the FBI, and sources familiar with the matter confirmed the nature of the investigation -- which adds to the growing list of legal issues and controversies Santos, R-N.Y., is facing.
    • Tony
      CLASSIFICATION: UNCLASSIFIED//  ROUTINE  R 031617Z FEB 23 MID200080706682U  FM CNO WASHINGTON DC  TO NAVADMIN  BT  UNCLAS    NAVADMIN 025/23    MSGID/GENADMIN/CNO WASHINGTON DC/N1/FEB//    SUBJ/ORDER TO UPDATE NAVY FAMILY ACCOUNTABILITY AND ASSESSMENT SYSTEM  PERSONAL CONTACT INFORMATION (MARCH 2023)//    REF/A/DOC/OPNAV/23OCT14//  AMPN/REF A is OPNAVINST 3006.1 CH-2, PERSONNEL ACCOUNTABILITY IN CONJUNCTION  WITH CATASTROPHIC EVENTS.//    RMKS/1.  This NAVADMIN announces the semi-annual requirement for all Navy  uniformed and civilian personnel to update/verify their personal information  in the Navy Family Accountability and Assessment System (NFAAS), per  reference (a), no later than 31 March 2023.  If a record has been updated  in the system between 1 October 2022 and 31 March 2023, that record is  considered validated for the 31 March 2023 deadline.      a.  NFAAS is the system utilized by the Navy to account for personnel and  their families during widespread natural or man-made disasters.      b.  Accurate contact information of personnel and family members is  required to facilitate a quick and accurate muster of personnel in affected  areas.    2.  Applicability.  This message applies to all Navy uniformed personnel  (Active Duty and Reserve), Navy civilians (both APF and NAF), and Outside  Continental United States (OCONUS) contractors.      a.  It is mandatory for all uniformed personnel, and all categories of  their dependents to update and verify contact information.      b.  It is mandatory for non-bargaining unit civilian employees to update  their contact information.  Providing dependent's information is voluntary  but highly encouraged.  Failure to provide dependent information may impinge  on receipt of potential benefits, if applicable.      c.  It is mandatory for all OCONUS contractors, and all categories of  their dependents to update and verify contact information.      d.  Bargaining unit civilian employees are highly encouraged to provide  their contact and dependent information on a voluntary basis, until union  notification and subsequent impact and implementation bargaining takes place  (when applicable).  Providing contact information is critical in providing  support to DON civilians and their dependents during a disaster and the  subsequent recovery period.    3.  Echelon 2 Commanders, Region Commanders and Region Personnel  Accountability Representatives will ensure widest dissemination of this  notice to all subordinate commands, tenant commands and detachments for  action, as required. All Commanding Officers (CO)/Officers-in-Charge (OIC)  will ensure 100 percent compliance for mandatory personnel.  COs/OICs shall  contact pertinent Human Resources Offices to request notification of  applicable unions and OCONUS contractors (must provide associated  Unit Identification Code (UIC)).    4.  In addition, each command shall institute policies requiring personnel to  review/update their NFAAS data as standard practice during check-in and check  -out.  A tool is available in NFAAS to allow Commanding Officer  Representatives (COR) to "pull" personnel into their UIC.  In the event of  permanent address or contact information changes:      a.  Uniformed personnel, OCONUS contractors, and/or their dependents are  required to update NFAAS.      b.  Civilian non-bargaining unit employees are required to update NFAAS,  and their dependents are highly encouraged to update NFAAS.      c.  Civilian bargaining unit employees and their dependents are highly  encouraged to update NFAAS.    5.  To update contact information, access the NFAAS website  at https://navyfamily.navy.mil/.  Login and update member  information under the "My Info" tab, "Contact Information" section, and  sponsor's work location information.  Update family member information under  the "My Info" tab, "Family Member Info" section.  Edit member and family  member information as necessary and verify as current.  Personnel are  required to input their physical address; PO/APO/FPO addresses are not  authorized.  Additionally, users must ensure a Cell Carrier is selected from  the applicable drop-down list.  All family members enrolled in the  Exceptional Family Member Program must be identified as such.    6.  NFAAS can also be accessed from any mobile device web browser.  All  personnel are encouraged to download the latest version of the NFAAS mobile  app, which provides cognizant resources, checklists, preparation guidelines,  etc.  The app also provides a link to the mobile version of the NFAAS  website.  Although the app uses the same URL address as the NFAAS website,  when accessed via a mobile device, the site will be optimized to allow easy  viewing and navigation.  To ensure NFAAS notifications are received via the  app, go to the dashboard, select "Settings" and ensure the "Receive  Notifications" option is enabled.    7.  CORs can verify personnel update status using the Reports tab in NFAAS  and selecting "Address Information Update Status Roster Report by UIC."  Column K contains the date contact information was last updated.    8.  Points of contact:      a.  NFAAS Help Desk at paas(at)navy.mil.      b.  NFAAS Program Manager, Ms. Terenda Ruffin, at (202) 207-4402  or via e-mail at terenda.b.ruffin.civ(at)us.navy.mil.    9.  This NAVADMIN will remain in effect until superseded or canceled.    10.  Released by Vice Admiral Y. B. Lindsey, Commander, Navy Installations  Command.//    BT  #0001  NNNN  CLASSIFICATION: UNCLASSIFIED//
×
×
  • Create New...
Forum Home
www.NavyAdvancement.com
Boots | Navy Patches
Serving enlisted, veterans, spouses & family