R 221200Z AUG 01 ZYW
FM CMC WASHINGTON DC//C4//
TO MARADMIN
BT
UNCLAS //N01200//
MARADMIN 375/01
MSGID/GENADMIN/CMC WASHINGTON DC/C4//
SUBJ/INTERIM POLICY ON APPROPRIATE USE OF PERSONAL ELECTRONIC DEVICES
/(PEDS)//
REF/A/MSG/DIRNSA/171857ZJAN01//
REF/B/DOD DIR C-5200.19/16MAY95//
REF/C/MARADMIN/CMC WASHINGTON DC/071052ZDEC99//
REF/D/MSG/COMMARFOR CND/051300ZFEB01//
REF/E/MSG/COMMARFOR CND/012200ZMAR01//
REF F/DOC/DEPARTMENT OF DEFENSE/14JUL00//
REF G/DOC/DOD DIR 5200.28/21MAR88//
NARR/REF A IS DIRNSA INFORMATION ASSURANCE ADVISORY REGARDING
PERSONAL ELECTRONIC DEVICES. REF B IS THE DOD POLICY ON CONTROL OF
COMPROMISING EMANATION (TEMPEST). REF C PROVIDES THE MARINE CORPS
POLICY ON THE USE OF COMMERCIAL E-MAIL SERVICES. REF D IS A
COMMARFOR CND MSG ON REQUIRED SECURITY CONFIGURATIONS FOR REMOTE
ACCESS SERVICE (RAS). REF E PROVIDES ADDITIONAL CONFIGURATION
INFORMATION FOR PDA RAS CONNECTIONS. REF F IS A DOD MEMORANDUM ON THE
USE AND PROTECTION OF PORTABLE COMPUTING DEVICES. REF G IS A DOD
DIRECTIVE THAT DESCRIBES SECURITY REQUIREMENTS ASSOCIATED WITH
AUTOMATED INFORMATION SYSTEMS.//
POC/ELAINE CASSARA/GS-14/HQMC C4/-/TEL:DSN 223-3490/COMM:
703-693-3490/EMAIL:CASSARAES@HQMC.USMC.MIL//
RMKS/1. PURPOSE. THIS MSG ESTABLISHES INTERIM MARINE CORPS POLICY ON
THE USE OF PERSONAL ELECTRONIC DEVICES (PEDS). PEDS INCLUDE PERSONAL
DIGITAL ASSISTANTS (PDAS), PALMTOPS, HAND-HELD COMPUTERS, CELL PHONES
, TWO-WAY PAGERS, WIRELESS E-MAIL DEVICES, AND AUDIO AND VIDEO
RECORDING DEVICES. THE MARINE CORPS INFORMATION TECHNOLOGY STEERING
GROUP (ITSG) HAS APPROVED THIS POLICY. THIS POLICY WILL BE UPDATED
COMMENSURATE WITH EMERGING PED TECHNOLOGY.
2. BACKGROUND. PEDS ARE RAPIDLY GAINING IN POPULARITY AND USAGE
WITHIN MARINE CORPS ORGANIZATIONS AS A TOOL FOR COMMUNICATIONS,
ORGANIZING AND MANAGING TASKS, CALENDARS AND POC LISTS. THE
CAPABILITIES OF THESE DEVICES, AND THEIR POTENTIAL USE IN OR AROUND
AREAS WHERE CLASSIFIED OR SENSITIVE INFORMATION MAY BE DISCUSSED OR
PROCESSED, CREATE NEW RISKS OF WHICH LEADERS AND USERS MUST BE MADE
AWARE.
3. SCOPE. THIS POLICY APPLIES TO ALL PEDS, WHETHER THEY ARE OWNED BY
THE GOVERNMENT, A CONTRACTOR OR BY AN INDIVIDUAL. IT DOES NOT APPLY
TO THOSE DEVICES THAT ONLY HAVE THE ABILITY TO RECEIVE COMMERCIAL RF
BROADCASTS OR THAT ONLY PLAY PRERECORDED MEDIA. THIS POLICY IS
EFFECTIVE IMMEDIATELY.
4. DISCUSSION. STATE OF THE ART PEDS INCREASINGLY HAVE WIRELESS
TELECOMMUNICATIONS CAPABILITIES THAT OFFER TREMENDOUS ADVANTAGES FOR
GOVERNMENT USERS. HOWEVER, THE TECHNOLOGY ASSOCIATED WITH PEDS IS
ADVANCING AT SUCH A RAPID PACE THAT KNOWLEDGE OF RELATED
VULNERABILITIES IS FREQUENTLY INSUFFICIENT OR INADEQUATELY
DISSEMINATED. AS ALWAYS, A BALANCE BETWEEN SECURITY AND FUNCTIONALITY
IS REQUIRED IOT MAXIMIZE THE BENEFITS DERIVED FROM PEDS WHILE
PRESERVING THE ABILITY TO CONDUCT SECURE DISCUSSIONS, MEETINGS, AND
COMMUNICATIONS. ACCORDINGLY, THIS POLICY ESTABLISHES A DECISION
FRAMEWORK DESIGNED TO ENABLE THE MARINE CORPS ENTERPRISE NETWORK
(MCEN) DESIGNATED APPROVING AUTHORITY (DAA) AND ISSOS TO CAPITALIZE
ON THESE EMERGING CAPABILITIES WHILE UNDERSTANDING THE ASSOCIATED
VULNERABILITIES AND MANDATING PRUDENT SECURITY MEASURES WHERE
NECESSARY. REF A HIGHLIGHTS MULTIPLE PED VULNERABILITIES AND AN
EXTRACT IS PROVIDED BELOW FOR BACKGROUND INFORMATION. ADDITIONAL PED
VULNERABILITY INFORMATION MAY BE FOUND AT
WWW.MARFORINO.USMC.SMIL.MIL.
A. THE INTRODUCTION OR USE OF PEDS IN AREAS WHERE CLASSIFIED
INFORMATION MAY BE DISCUSSED OR PROCESSED SHOULD BE CAREFULLY
MANAGED AND CONTROLLED. IN ORDER TO INCREASE FUNCTIONALITY AND
USER CONVENIENCE, TODAY'S PEDS INCLUDE BUILT-IN FEATURES SUCH AS
INFRARED (IR), RADIO FREQUENCY (RF), AND TELEPHONE MODEM
COMMUNICATIONS CAPABILITIES. THESE SAME FEATURES, WHICH ARE
IMPLEMENTED TO ALLOW EASY CONNECTIVITY BETWEEN A PED AND OTHER
DEVICES FOR PERFORMING DATA EXCHANGES, ALONG WITH THEIR EXPANDED
MEMORY AND PROCESSING ABILITY, CREATE NEW AVENUES FOR POTENTIAL
ATTACKS. ATTEMPTS TO TEMPORARILY DISABLE THESE FEATURES BY
EXTERNAL MEANS MAY NOT ACTUALLY BE SOLUTIONS AND, IN SOME CASES,
MAY EVEN INCREASE RISK FROM THE ASSOCIATED VULNERABILITIES.
SOME OF THE FEATURES THAT POSE THE GREATEST RISK TO INFORMATION
OR INFORMATION SYSTEMS IN A CLASSIFIED ENVIRONMENT WHICH MAY NOT
BE FAMILIAR TO USERS INCLUDE:
1) IR COMMUNICATIONS CAPABILITY. SIMPLY COVERING THE IR
EMITTER/DETECTOR WITH AN OPAQUE COVERING IS NOT ADEQUATE
DUE TO VARIABILITY IN EFFECTIVENESS AND AN INABILITY TO
READILY DETERMINE THE CHARACTERISTICS OF THE COVERING BY
SIMPLE VISUAL INSPECTION. SINCE MOST, IF NOT ALL, UNITS
ARE CAPABLE OF BOTH SENDING AND RECEIVING WITHOUT
INDICATION TO THE USER, THIS FEATURE POSES A HIGH SECURITY
RISK, AND SHOULD ALWAYS BE DISABLED AS A DEFAULT MEASURE.
AN APPROVED METHOD OF DISABLING THE IR CAPABILITY IS TO
COVER THE IR PORT WITH METAL TAPE.
2) WIRELESS RF COMMUNICATIONS CAPABILITY. THIS CAPABILITY
IS NORMALLY PROVIDED IN ONE OF TWO WAYS: WIRELESS LOCAL
AREA NETWORK (LAN), OR CELL-PHONE TYPE MEDIUM-SPEED DATA
ACCESS. THE FREQUENCY RANGES OF THESE TWO SYSTEMS DIFFER,
AS DO THE DATA RATES AND THEREFORE THE QUANTITY OF DATA
THAT CAN BE TRANSMITTED AND RECEIVED IN A GIVEN PERIOD OF
TIME. IN BOTH CASES, THE DATA HANDLING CAPABILITIES ARE
NONTRIVIAL AND PRESENT A SECURITY RISK. REMOVAL OF THE
ANTENNA IS NOT A SUITABLE COUNTERMEASURE TO ELIMINATE RF
OPERATIONS, SINCE SOME SYSTEMS CAN COMMUNICATE WITH THE
ANTENNA PHYSICALLY REMOVED. ADDITIONALLY, IN SOME CASES,
REMOVAL OF THE ANTENNA REQUIRES THE ANTENNA TO BE RAISED,
WHICH ACTIVATES THE RF TRANSMITTER. SOUND OPSEC PROCEDURES
MUST BE ADHERED TO WHEN USING THIS TYPE OF DEVICE.
B. THE FOLLOWING AREAS ALSO CAUSE FAMILIAR SECURITY CONCERNS IN
PEDS AND NEED TO BE RECOGNIZED AND HANDLED CONSISTENT WITH
EXISTING SECURITY POLICIES AND PROCEDURES:
1) REMOVABLE STORAGE MEDIA. MANY NEWER DEVICES USE
REMOVABLE STORAGE MEDIA OF CONSIDERABLE CAPACITY IN BOTH
SOLID-STATE (E.G., FLASH MEMORY) OR MINIATURE VERSIONS OF
COMMON STORAGE EXEMPLIFIED BY IBM'S 1 GB "MICRODRIVE"
TECHNOLOGY. ANY SECURITY ISSUES ASSOCIATED WITH FLOPPY
DISKETTES IN PRESENT TECHNOLOGY ARE ALSO EXHIBITED IN THE
PED ARENA WITH REMOVABLE STORAGE. PED STORAGE DEVICES ARE
MUCH SMALLER AND EASIER TO CONCEAL THAN FLOPPY DISKETTES.
2) REMOVABLE PERIPHERAL/EXPANSION DEVICES (E.G., PC CARD/
PCMCIA AND SMART CARD DEVICES). MANY EXPANSION CARDS IN
THIS CATEGORY HAVE INDEPENDENT PROCESSING CAPABILITY FROM
THE HOST EQUIPMENT AND THEREFORE MAY CREATE VULNERABILITIES
EVEN WHERE NONE ARE PRESENT IN THE HOST UNIT.
3) AUDIO RECORDING CAPABILITY. VULNERABILITIES FROM THIS
CAPABILITY SHOULD BE WELL UNDERSTOOD AND APPRECIATED.
4) EASE OF UPGRADE AND AVAILABILITY OF AN EXTENSIVE LIBRARY
OF PROGRAMS HAVE ALLOWED USERS TO HAVE ACCESS TO SOFTWARE
FEATURES SUCH AS OS EXTENSIONS, UTILITIES, AND BUILT-IN
FEATURES. THESE PROGRAMS WERE CREATED TO ALLOW USERS TO
CONFIGURE THEIR PED TO THEIR LIKING, BUT ALSO ALLOWS EASY
STAGING OF ATTACKS.
5) CONNECTIVITY OF EXTERNAL DEVICE APPLICATIONS SUCH AS
EXTERNAL MODEMS, IR HUBS, OR IR TEXT SCANNERS. EXTERNAL
MODEMS LEFT CONNECTED TO A PHONE SYSTEM, WHETHER LIVE OR
IDLE, MAY ALLOW A COVERT CONNECTION TO AN EXTERNAL SOURCE.
CONNECTIONS TO A PHONE NETWORK SHOULD NEVER BE LEFT
UNATTENDED. IR HUBS MAY OPEN AN EASY ROUTE OF ATTACK. PEDS
AND OTHER DEVICES SHOULD NOT BE LEFT CONNECTED VIA IR FOR
EXTENDED PERIODS OF TIME AS AN EXTERNAL PARTY COULD GAIN
ACCESS REMOTELY. PORTABLE TEXT SCANNERS, IF USED
DECEPTIVELY, COULD ALLOW REMOTE ENTRY OF ATTACK PROGRAMS.
CARE SHOULD BE TAKEN TO NOT ONLY GUARD AGAINST UNAUTHORIZED
ACCESS TO A PED, BUT ALSO DEVICES WHICH MAY CONNECT OR
DOWNLOAD VIA IR.
6) TECHNIQUES EXIST THAT PERMIT AN ADVERSARY TO CAPTURE
WHAT IS DISPLAYED ON THE PED SCREEN FROM GREATER THAN
EXPECTED DISTANCES. USERS ARE CAUTIONED NOT TO DISPLAY
SENSITIVE DATA ON THEIR PED WHEN IN THE VICINITY OF
UNTRUSTED PARTIES OR FACILITIES.
7) EMPTY PED CRADLES, WHEN ATTACHED TO A USERS PC, CAN BE
USED TO CLONE A PED. CARE SHOULD BE TAKEN TO PHYSICALLY
SECURE A PED CRADLE WHEN NOT IN USE.
C. APPROPRIATE PHYSICAL SECURITY GUIDELINES AND PROCEDURES FOR
THE USE OF PEDS ARE OF PARAMOUNT IMPORTANCE. THE RISK OF
COMPROMISING CLASSIFIED OR SENSITIVE INFORMATION, RESULTING
FROM A PERSON LOSING THEIR PED TO AN ADVERSARY, IS HIGH. WHEN
PEDS ARE PERMITTED WITHIN SECURE SPACES, AN ENORMOUS AMOUNT OF
TRUST IS PLACED ON THE USER TO PROVIDE PHYSICAL SECURITY FOR
THE DEVICE. CONTAINED WITHIN THE PED ARE ALL THE COMPONENTS
NEEDED FOR A SOPHISTICATED REMOTELY ACTIVATED SURVEILLANCE
DEVICE. IF AN ADVERSARY GAINED ACCESS TO THE PED FOR AS LITTLE
AS THIRTY MINUTES, IT COULD BE RECONFIGURED TO COLLECT, PROCESS,
STORE, AND RETRANSMIT CLASSIFIED OR SENSITIVE DATA FROM WITHIN
THE SECURE SPACE.
5. POLICY. THE USE OF PEDS WITHIN THE MARINE CORPS WILL BE IN
ACCORDANCE WITH THE FOLLOWING:
A. REF B AND MCO 5510.19, WHICH IS CURRENTLY BEING STAFFED FOR
SIGNATURE.
B. MARINE CORPS POLICY ON THE USE OF COMMERCIAL E-MAIL SERVICES
AS SET FORTH IN REF C. THIS POLICY PROHIBITS THE USE OF
COMMERCIAL E-MAIL SERVICES FOR THE STORAGE OR TRANSFER OF
OFFICIAL E-MAIL OR DATA FILES. PALM.NET WOULD QUALIFY AS AN
EXAMPLE OF ONE SUCH SERVICE.
C. CLASSIFIED SPACES. PEDS INTRODUCE A HIGH LEVEL OF RISK TO
CLASSIFIED NETWORKS AND INFORMATION. THEREFORE PEDS WITH RF /
WIRELESS CAPABILITIES ARE NOT AUTHORIZED IN VAULTS, SECURE ROOMS
OR OTHER AREAS WHERE THE PRIMARY TYPE OF DATA BEING PROCESSED,
STORED OR DISCUSSED IS CLASSIFIED. PEDS WITH IR CAPABILITIES
MUST HAVE THE IR PORTS COVERED WITH METAL TAPE AND AUDIO AND
VIDEO RECORDING CAPABILITIES MUST BE DISABLED PRIOR TO PEDS
BEING ALLOWED INTO CLASSIFIED WORKSPACES.
D. UNCLASSIFIED SPACES. THE USE OF PEDS IN UNCLASSIFIED SPACES
OFFERS TREMENDOUS BENEFITS TO OPERATIONS BUT CARE MUST BE TAKEN
TO ENSURE APPROPRIATE SAFEGUARDS ARE ESTABLISHED TO PROPERLY
PROTECT SENSITIVE BUT UNCLASSIFIED (SBU) INFORMATION AND
SYSTEMS. THEREFORE:
1) INTRODUCTION AND USE OF PEDS IN LOCATIONS WHERE SBU
INFORMATION IS STORED, PROCESSED OR DISCUSSED IS AUTHORIZED
WHEN APPROVED BY THE DAA.
2) USERS MAY TRANSMIT AUTHORIZED PROGRAMS AND INFORMATION
BETWEEN TRUSTED PED DEVICES EXCEPT WHEN SUCH TRANSMISSION
MAY RESULT IN A COMPROMISE OF THE TRANSFERRED INFORMATION.
REFER TO REF A AND WWW.MARFORINO.USMC.SMIL.MIL FOR
ADDITIONAL INFORMATION REGARDING THIS VULNERABILITY.
3) AUDIO AND VIDEO RECORDING DEVICES WILL BE DISABLED PRIOR
TO THE PED BEING ALLOWED INTO THESE LOCATIONS.
E. PED TO NETWORK CONNECTION.
1) PEDS WILL ONLY BE CONNECTED TO UNCLASSIFIED GOVERNMENT
COMPUTERS AT LOCATIONS DESIGNATED AND APPROVED BY THE
COMMAND ISSO.
2) ONLY GOVERNMENT OWNED AND ISSUED PEDS THAT HAVE BEEN
CERTIFIED AND ACCREDITED ARE AUTHORIZED TO CONNECT TO THE
MCEN. CONTRACTOR OR PRIVATELY OWNED PEDS ARE NOT
AUTHORIZED TO CONNECT TO THE MCEN. PED CONNECTIONS TO THE
MCEN INCLUDE DIAL-UP CONNECTIONS, ETHERNET CONNECTIONS,
WIRELESS CONNECTIONS, CONNECTIONS VIA INFRARED PORTS AND
HOT SYNCHING VIA A MCEN-CONNECTED PC.
3) ONLY GOVERNMENT PED VERSIONS THAT HAVE ACHIEVED FIPS
140-1 VALIDATION FOR DATA ENCRYPTION ARE AUTHORIZED TO
ESTABLISH WIRELESS CONNECTIONS TO THE MCEN.
4) USE OF PED MODEMS WHILE THE PDA IS CONNECTED TO A
NETWORKED COMPUTER IS NOT AUTHORIZED. THE ESTABLISHMENT OF
ANY OTHER TYPE OF "BACKDOOR" TO THE MCEN IS NOT AUTHORIZED.
5) TO PREVENT THE PROLIFERATION OF TROJAN HORSE PROGRAMS
AND COMPUTER VIRUSES, GOVERNMENT OWNED PEDS WILL NOT BE
CONNECTED AT ANY TIME TO PERSONALLY OWNED COMPUTER
EQUIPMENT (I.E. 'HOTDOCKING' BETWEEN GOVERNMENT AND
NON-GOVERNMENT OWNED COMPUTERS).
F. SOFTWARE.
1) ONLY HQMC CIO APPROVED SOFTWARE IS AUTHORIZED FOR USE ON
GOVERNMENT OWNED PEDS. AN APPROVED SOFTWARE LIST WILL BE
AVAILABLE VIA THE CIO WEB PAGE IN THE NEAR FUTURE.
2) APPROVED SOFTWARE WILL ONLY BE DOWNLOADED FROM
AUTHORIZED SITES. A LIST OF AUTHORIZED SITES WILL ALSO BE
AVAILABLE ON THE CIO WEB PAGE IN THE NEAR FUTURE.
G. STORED INFORMATION. USERS MUST EXPECT THAT ANY INFORMATION
STORED ON A PED WILL BE SUBJECT TO EXPOSURE, THEREFORE:
1) ONLY UNCLASSIFIED INFORMATION NOT REQUIRING PROTECTION
MAY BE ENTERED, PROCESSED, STORED, OR TRANSMITTED ON PEDS.
2) PASSWORDS, COMBINATIONS, PINS AND OTHER FORMS OF USER
IDENTIFICATION SHALL NOT BE SAVED ONTO A PED.
3) DATA EXCHANGE VIA THE INFRA RED (IR) PORT SHOULD BE
LIMITED TO KNOWN, TRUSTED, GOVERNMENT DEVICES.
H. REMOVABLE STORAGE MEDIA, PERIPHERAL AND EXPANSION DEVICES.
1) REMOVABLE MEDIA WILL BE HANDLED ACCORDING TO EXISTING
POLICIES AND PROCEDURES FOR DOCUMENT HANDLING.
2) ONLY CERTIFIED AND ACCREDITED REMOVABLE PERIPHERAL/
EXPANSION DEVICES ARE AUTHORIZED FOR USE WITH PEDS.
6. ACTION.
A. MARCORSYSCOM IN CONJUNCTION WITH THE MITNOC WILL:
1) DEVELOP SECURITY CRITERIA AND EVALUATE PRODUCT
CREDIBILITY.
2) PERFORM SECURITY TESTS ON TRIAL PRODUCTS WHEN POSSIBLE.
3) ESTABLISH A MARINE CORPS ENTERPRISE SOLUTION FOR THE
PROCUREMENT, FIELDING, AND USE OF PEDS.
4) PROVIDE HQMC (C4) WITH PRODUCT RECOMMENDATIONS FOR
INCLUSION ON THE APPROVED PED PRODUCTS LIST.
5) CERTIFY AND ACCREDIT APPROVED PED HARDWARE, SOFTWARE,
AND PERIPHERALS.
6) PROVIDE CERTIFICATION AND ACCREDITATION DOCUMENTATION TO
MARINE CORPS COMMANDS IN SUPPORT OF PED FIELDING.
7) RECOMMEND SOFTWARE DOWNLOAD SITES.
B. HQMC C4/CP WILL:
1) APPROVE RECOMMENDED PED PRODUCTS.
2) PUBLISH A LIST OF PED HARDWARE, SOFTWARE, AND PERIPHERAL
DEVICES APPROVED FOR MARINE CORPS USE.
3) PUBLISH A LIST OF APPROVED SOFTWARE DOWNLOAD SITES.
4) UPDATE THIS POLICY AS REQUIRED TO ADDRESS EMERGING
PRODUCTS, VULNERABILITIES, AND RISK MITIGATION MEASURES.
C. COMMANDING OFFICERS WILL:
1) ENSURE COMMAND COMPLIANCE WITH THE ABOVE POLICY.
2) ENSURE THAT AUTHORIZED PED CONNECTION POINTS ARE
DESIGNATED FOR NETWORKS UNDER THEIR PURVIEW.
3) ENSURE NETWORK ACCREDITATION AND CERTIFICATION
DOCUMENTATION IS UPDATED TO REFLECT THE ADDITION OF PED
CONNECTION POINTS.
4) ENSURE THAT THE COMMAND ESTABLISHES AND IS PREPARED TO
IMPLEMENT PROCEDURES TO ISOLATE OR DISCONNECT PED
CONNECTION POINTS FROM THE NETWORK AS A DEFENSIVE MEASURE
THAT MAY BE DIRECTED BY MARFORINO.
5) ENSURE PED RELATED ACTIONS HEREIN ARE INCORPORATED INTO
COMMAND INFORMATION ASSURANCE TRAINING (BOTH INITIAL AND
RECURRING).
6) ENSURE PROCEDURES ARE ESTABLISHED AND PRACTICED ENSURING
GOVERNMENT INFORMATION IS NOT EXPOSED TO UNAUTHORIZED
ACCESS OR DISCLOSURE.
7) ENSURE THAT PEDS PREVIOUSLY PURCHASED WITHIN THEIR
COMMANDS ARE LOGGED INTO A MINOR PROPERTY ACCOUNTING
SYSTEM. AS PER REFS F AND G, ALL GOVERNMENT OWNED/
PURCHASED PEDS WILL BE ASSIGNED TO AN INDIVIDUAL, BY NAME
AND ORGANIZATION, AND WILL BE TRACKED AS PART OF THE
ORGANIZATIONAL INVENTORY.
8) FOR PEDS ISSUED BY OTHER MILITARY COMMANDS, ENSURE THAT
THE DEVICE IS LOGGED INTO THE MINOR PROPERTY ACCOUNTING
SYSTEM BEFORE IT CAN BE CONNECTED TO THE MCEN OR USED TO
PROCESS, STORE AND/OR TRANSMIT.
9) ENSURE THAT PEDS AND/OR HOT SYNCH CRADLES PREVIOUSLY
PURCHASED ARE RETURNED TO THE COMMAND RESPONSIBLE OFFICER
(RO) PRIOR TO THE INDIVIDUAL DEPARTING THE COMMAND. PER
REF F, ALL GOVERNMENT OWNED/PURCHASED PEDS WILL BE CLEARED
OF ALL DATA AND INSPECTED TO ENSURE ALL INFORMATION HAS
BEEN COMPLETELY REMOVED PRIOR TO REASSIGNMENT OF THE DEVICE
TO ANOTHER USER.
7. UNTIL HQMC PROVIDES AN APPROVED MARINE CORPS PED PRODUCTS LIST,
COMMANDS MAY CONTINUE TO USE COMMAND OWNED PEDS FOR THE FOLLOWING
ACTIVITIES:
A. REMOTE DIAL-IN IN ACCORDANCE WITH REFS D AND E.
B. NON-NETWORK CONNECTED USE IN UNCLASSIFIED AREAS WHERE
DESIGNATED BY A DAA.
C. HOT-SYNCHING WITH GOVERNMENT COMPUTERS AT APPROVED LOCATIONS.
D. IR TRANSFER OF FILES AND PROGRAMS WITH OTHER UNCLASSIFIED
GOVERNMENT PEDS OR COMPUTERS.
8. GOVERNMENT OWNED PEDS WITH NO WIRELESS/RF CAPABILITY THAT WERE
PURCHASED PRIOR TO THE RELEASE OF THIS POLICY MESSAGE WILL CONTINUE
TO BE ALLOWED TO CONNECT TO THE MCEN IAW THE GUIDELINES SET FORTH IN
THIS POLICY.
9. FAST MOVING INFORMATION TECHNOLOGY REQUIRES CAREFUL ATTENTION TO
ENSURE THE INTEGRITY OF THE MCEN. ADDITIONAL GUIDANCE AND DIRECTION
FOR THE SAFE USE OF PEDS WILL BE PUBLISHED AS NECESSARY TO ENSURE THE
INTEGRITY, AVAILABILITY, AND CONFIDENTIALITY OF THE MCEN.
10. REQUEST WIDEST DISSEMINATION OF THIS MSG.
11. POC FOR POLICY QUESTIONS IS MS ELAINE CASSARA, DSN 233-3490,
COMM 703-693-3490. TECHNICAL INQUIRIES SHOULD BE DIRECTED TO THE
MITNOC HELP DESK AT DSN 278-5300, COMM 703-784-5300, OR UNCLAS E-MAIL
HELPDESK@NOC.USMC.MIL.//
BT