Security of Information

From 7th Cavalry Wiki
Jump to navigation Jump to search
This is the Document Release Information
Article Number: 7CAV-R-028
Scope: Security of Information
Version: Version 1.0
Effective Date: 14 APR 19
Last Modified Date: DDMMMYYYY
Approving Authority: Regimental Commanding Officer
Point of Contact: Regimental Chief of Staff


Security of Information

Security of information protects the safety of our infrastructure (website, wiki, servers and hardware) and our proprietary content. It is important that we all help to keep both secure.

Passwords

  • Personal passwords for the Website/Echelon/Battlemetrics/Owncloud and others: Your personal passwords are your responsibility. If someone gains access to your password and you are a MILPACS clerk for example, a lot of damage could be done to our database. You must ensure your password is kept private and secure at all times. It is recommended that you change the password on a regular basis. Consult https://en.wikipedia.org/wiki/Password_strength for information on password strength.
  • Server admin passwords: These passwords are intended for certain levels of leadership and positions to allow them to administer the server/change maps etc. These passwords are passed on by the Chain-of-Command in your primary or support billet and are not to be shared with anyone else. If someone asks you for the server admin password, refer them to the Chain-of-Command.
  • Password protected training servers: The password for training servers should never be given to a member of the public or be displayed in such a way that a member of the public can see them.
  • Password protected public event servers: The password for event servers should be different from the training servers and should be easily remembered. Its main purpose is simply to prevent random members of the public from joining the event server while in use for events. It should be changed on a monthly basis at least and can be given to other organizations for the purpose of having them join the server to participate in joint events.
  • TeamSpeak: The TeamSpeak password is simply to keep random members of the public or players on our game servers from joining with the intent to troll. The security level we have set on the TeamSpeak server also helps to prevent this. This password may be given to the public with the intent of getting them into TeamSpeak for the purposes of recruiting. This includes recruiting posts on game developer forums, Steam, etc.

Field Manuals

Field manuals are documents that are created to be a resource for members in support of training courses developed by members of the unit. Field manuals may be shared publicly for the purpose of recruiting potential members into the unit.

Lesson Plans

Lesson plans are documents that spell out in detail how a specific course is to be run. These are not to be shared publicly. It's one thing to share battle drills, it's another to spell out how to teach them in a private setting. These documents are restricted to instructors who have a need to access them for the purpose of teaching a class.

Google Drive

A 7th Cavalry Google Drive has been setup to store documents for combat line units (Platoon+) and departments. Any documents being used by 7CAV members for 7CAV purposes should be stored on the 7th Cavalry Google Drive so access is available for the appropriate Chain of Command. Original documents and other resources authored by 7CAV members used for the execution of their duties (Section Practice plans, Training Plans, Battle Drills, Lesson Plans, counseling documents, disciplinary actions, other unit related plans, etc) are considered proprietary and should also be stored on the 7th Cavalry Google Drive. This helps us re-use or reference documents and other resources for the long term to continue to benefit the unit, even after personnel turnover.

Appropriate leadership billets can contact their direct CoC for access and it is each CoC's responsibility to also actively remove a subordinates' access who has left the unit or department and/or no longer holds the same position/billet.

Privileged Communications

This refers to communications and information that is passed to you confidentially, or to information regarding Regimental business.

You are expected and required to respect confidentiality when you possess information that is sensitive or of a personal nature. Obviously whether confidential or not, it is necessary to communicate this in some way through the chain of command to people who can assist or advise you, but you need to do it in a way that ensures it stays confidential.

Example: Trooper A tells you that someone has been harassing him.

This is a scenario that should be handled confidentially as should all discipline. Discipline is a matter between the leader and the subordinate and potentially people higher up in the chain of command, depending on the seriousness of the situation. In this example, it's a fairly serious matter, and one that should immediately be brought to the attention of your CoC. It should be discussed privately with them. You don't need to withhold information, but you should make sure not to discuss it with anyone else and you should be able to trust that your CoC won't either.