Violators of PII will have AFNET accounts locked

  • Published
  • By Senior Airman Chase Hedrick
  • 39th Air Base Wing Public Affairs
INCIRLIK AIR BASE, Turkey --  Individuals who inappropriately store and transmit personally identifiable information over the Air Force network will now have their accounts locked in response to the violation.

"We are taking several steps to improve notification and reporting of PII incidents," said Gen. William Shelton, Commander of Air Force Space Command. "My intent is to increase awareness within the Air Force as part of my responsibility to ensure the security and defense of the AFNET and its users. PII violations create both a personal and operational risk for all of us."

The 68th Network Warfare Squadron and 352nd Network Warfare Squadron, as the Cyberspace Defense Analysis Weapon System, are actively monitoring the AFNET for PII breaches and violations. When a PII breach is identified, it is reported to the 624th Operations Center and the formal reporting process is initiated.

The 624th OC, as the Cyber Command and Control Mission System Weapon System, then reports the AFNET PII breach to the 24th Air Force Commander, which will result in locking the violator's AFNET account and notification to the individual's wing commander.

"Beginning Oct. 24, we began locking out the AFNET account of individuals who were found to be inappropriately transmitting PII data via the AFNET," explained Maj. Gen. J. Kevin McLaughlin, the Commander of 24th Air Force and Air Forces Cyber. "A violator's account will only be unlocked once the first O-6 in their chain of command certifies that the individual has accomplished all necessary actions, to include remedial training."

These new actions are in addition to, and do not circumvent or replace, the normal Privacy Act notification process which is already in place throughout the Air Force. Air Force Instruction 33-332 governs the PII breach reporting process as well as the consequences for PII violations.

PII is any information about an individual that can be used directly, or in connection with other data, to identify, contact or locate that person and can include such information as: full name, address, Social Security number, medical, educational, financial, legal and employment records.

A PII breach can lead to the potential for blackmail, emotional distress or unwarranted exposure for an affected individual, said Tech. Sgt. Sylvia Dozier, 39th Communications Squadron Freedom of Information Act and Privacy Act manager. She added that one major concern from a PII breach that can cost an individual a lot of time and money to repair is identity theft.

"Improper release of personal information that ends up in the wrong hands can result in fraud and other crimes by identity thieves," she said. "Financial account identifiers and social security numbers can make it easy for someone to obtain credit card and bank account information to make unauthorized transactions. This can lead to a person possibly having their credit ruined which could take years and a lot of money to repair."

A PII breach is defined as a loss of control, compromise, unauthorized disclosure, unauthorized acquisition, unauthorized access or any similar term referring to situations where persons other than authorized users, and for a un-authorized purpose, have access or potential access to PII, whether physical or electronic. However, there are steps to protect PII, said Dozier.

"First, ensure the recipient of the information has a need to know the information," she said. "Any time you send out official email containing PII, properly mark it by placing For Official Use Only or FOUO in the subject line and inserting the correct Privacy Act statement before the first line of text in the email. Lastly, make sure that you encrypt and digitally sign the email."

Additional information on protecting PII can be found of the Air Force Portal under the Cyber Threats and Information tab as well as at http://dpclo.defense.gov/privacy/.

(Editor's Note: This article uses material originally written by Maj. Brooke Brander, Air Force Space Command Public Affairs, and posted on www.af.mil)