Download - Keynote: USMC Mobile Security Overview
CHIEF, CYBER SECURITY DIVISION, U.S. MARINE CORPS
RAY LETTEER
HQMC C4 HQMC C4 Mobile & WirelessMobile & Wireless
InitiativesInitiatives
McAfee Summit McAfee Summit 20122012
HQMC C4 HQMC C4 Mobile & WirelessMobile & Wireless
InitiativesInitiatives
McAfee Summit McAfee Summit 20122012
“The Way It’s Always Been Done”
Mobile and Wireless Related Policies
Information Assurance Policies
Enterprise Cybersecurity Directives (ECSDs)
https://hqdod.hqmc.usmc.mil/Orders.asp
Mobile /Wireless Related Policies:
• ECSD 014: Wireless Local Area Networks (WLANs)• ECSD 006: Virtual Private Networks (VPNs)• ECSD 005: Portable Electronic Devices (PEDs)• ECSD 004: Remote Access
USMC ECSDs: WLANs & PEDs
Zone 1Publically Available Information
Zone 2Controlled Unclassified
Information
Zone 3Secret
REQU I REMENT S
Best Practices/Commercial Grade
Stringent/Certified Products
GOTS/NSA ApprovedCOTS/CSfC
COST
ECSD 005: PEDs (example)
MARINE AIR WING
SECRET
Monitoring the Air Waves
Flying SquirrelFlying Squirrel WIDS/WIPSWIDS/WIPS
Continuous Monitoring
APRIL-MAY
2012 AUG-SEPT
2012 FEB - MAR
2013
Remote Access
• “Virtual GFE” solution for untrusted hardware
• Ignores local hard drive – no malware vector
• Boots from read-only media, saves no state
• Includes VPN and remote desktop software
• CAC/PKI required to boot
• DISA Bootable Media Build received DISA ATO
Identify USMC RA Requirements
Develop USMC
LPS Build
C&A Package
EnterpriseUse
Secure Voice
2G
4G
3G
Circuit Circuit SwitchedSwitchedDataData
Packet Packet SwitchingSwitching
All IPAll IP
• USMC will have a capability gap for Classified Voice when CSD is phased out
• Need interoperable and cost effective solution• Need IA controls on legacy/current/emerging cellular
standards• FOUO = FOUO no matter voice, data, drawings, etc.
CELLULAR COMMS
Voice & Data
Mobile Application Control
App Development App Attestation App DistributionApp Acquisition
&&
Primary App Concerns
Mobility Strategy & Initiatives
(1) Improving reach back support and interoperability of our forwarddeployed forces (2) Leverage cloud computing and virtualization technologies where sensible(5) Employ and operate a flexible network that can adjust rapidly and dynamically to counter external and internal degradation and mission changes(10) Distribute enterprise services regionally and to forward deployed forces(13) Ensure IA is built into the SDLC where feasible
(1) Improving reach back support and interoperability of our forwarddeployed forces (2) Leverage cloud computing and virtualization technologies where sensible(5) Employ and operate a flexible network that can adjust rapidly and dynamically to counter external and internal degradation and mission changes(10) Distribute enterprise services regionally and to forward deployed forces(13) Ensure IA is built into the SDLC where feasible
MCIENT Strategic ObjectivesMCIENT Strategic Objectives
IA (Baked In vs. Bolted On)IA (Baked In vs. Bolted On)
• DON iOS PoC
• NOTM
• Secure PAN
• Trusted H2 w/ Tactical Sleeve
• MSA
• MCEITS
• ATOs/IATOs/IATTs- MAW Tablets- WWR- BlackBerry PlayBook- …
• Secure Voice
• Remote Access
• DON iOS PoC
• NOTM
• Secure PAN
• Trusted H2 w/ Tactical Sleeve
• MSA
• MCEITS
• ATOs/IATOs/IATTs- MAW Tablets- WWR- BlackBerry PlayBook- …
• Secure Voice
• Remote Access
USMC InitiativesUSMC Initiatives
1. Advance the wireless infrastructure
2. Institute mobile device
3. Promote the development and use of mobile apps
1. Advance the wireless infrastructure
2. Institute mobile device
3. Promote the development and use of mobile apps
DoD Mobility StrategyDoD Mobility Strategy
Wireless & Mobility Working Groups
DoD Collaboration
1. CNSS Wireless Security WGPOC: Norbert SnobeckE-mail: [email protected]
2. DoD Commercial Mobile Device WGPOC: Will AlbertsE-mail: [email protected]
3. DoD Mobility Group – CommitteePOC: Greg YoustE-mail: [email protected]
4. NIST Technical Exchange MeetingsPOC: Captain Joshua LoveE-mail: [email protected]
5. DON Mobility IPTPOC: Mike HernonE-mail: [email protected]
6. NPS Wireless Working GroupPOC: John GibsonE-mail: [email protected]
Contact Information
Ray LetteerChief, Cybersecurity Division (CY)USMC Senior Information Assurance OfficialMarine Corps Enterprise Network Approval OfficialNIPR: [email protected]: [email protected]
01010011 01100101 01101101 01110000 01100101 01110010 00100000 01000110 01101001 00100001