E-mail encryption, key to network security

  • Published
  • By Master Sgt. Kory Sola
  • 319th Communications Squadron
GRAND FORKS AIR FORCE BASE, N.D. --  The Department of Defense faces a hostile Cyberspace environment today more than any other time in history. Our adversaries continuously attempt to infiltrate the Non-Secure Internet Protocol Router Network and barrage the network with malicious e-mail, scams and phishing attempts.

Digitally signing and encrypting e-mail are two components to combat these threats, improve defense-in-depth, and secure the network. A signed and encrypted e-mail takes advantage of DoD's robust and trusted public key infrastructure and as signing and encrypting becomes a routine procedure, the threat of malicious e-mail will be reduced.

The first component of digitally signing and encrypting e-mail was implemented with the use of the common access cards for signing and encrypting e-mail from a user's mailbox. We are now at the point in time where we will begin to digitally sign and encrypt e-mail originating within organizational boxes. Many of the new programs that are being implemented, for example the new enlisted and officer promotion systems, require organizational boxes to have signing and encrypting capability.

Digital signatures shall be used whenever it is necessary for the recipient to be assured of the sender's identity, having confidence the message has not been modified, or when non-repudiation is required. Examples include formal direction to a government employee or contractor, messages that stipulate an Air Force official position on any matter, and messages that commit to, authorize, or deny the use of funds in some manner. Messages containing only unofficial information should not be digitally signed.

E-mails shall be encrypted when they contain for official use only information, Privacy Act information, health information, DoD payroll, finance, logistics, personnel management, proprietary and foreign government information regarding status, readiness, location or operational use of forces or equipment.

The information assurance office is the focal point on Grand Forks AFB to assist you in preparing the required documents for obtaining the certificates and assist you with downloading the certificates. They are the trusted agents for the local registration authority for all role-based certificates. If you have a need for organizational mailbox encryption, contact the IA office to get the process started.

A couple of requirements need to addressed before obtaining certificates. A sponsor for the mailbox should be appointed. This individual should be the primary manager for the mailbox. An Example would be the commander's secretary sponsoring the support staff mailbox. For additional information, please contact Master Sgt. Kory Sola at 747-6158 or Staff Sgt. Brian Browning at 747-4940.