Email | Cancel Print Preview Print | Feeds

INTERIM POLICY ON APPROPRIATE USE OF PERSONAL ELECTRONIC DEVICES (PEDS) 

R 221200Z AUG 01  ZYW
  FM CMC WASHINGTON DC//C4//
  TO MARADMIN
  BT
  UNCLAS  //N01200//
  MARADMIN 375/01
  MSGID/GENADMIN/CMC WASHINGTON DC/C4//
  SUBJ/INTERIM POLICY ON APPROPRIATE USE OF PERSONAL ELECTRONIC DEVICES
  /(PEDS)//
  REF/A/MSG/DIRNSA/171857ZJAN01//
  REF/B/DOD DIR C-5200.19/16MAY95//
  REF/C/MARADMIN/CMC WASHINGTON DC/071052ZDEC99//
  REF/D/MSG/COMMARFOR CND/051300ZFEB01//
  REF/E/MSG/COMMARFOR CND/012200ZMAR01//
  REF F/DOC/DEPARTMENT OF DEFENSE/14JUL00//
  REF G/DOC/DOD DIR 5200.28/21MAR88//
  NARR/REF A IS DIRNSA INFORMATION ASSURANCE ADVISORY REGARDING
  PERSONAL ELECTRONIC DEVICES. REF B IS THE DOD POLICY ON CONTROL OF
  COMPROMISING EMANATION (TEMPEST).  REF C PROVIDES THE MARINE CORPS
  POLICY ON THE USE OF COMMERCIAL E-MAIL SERVICES.  REF D IS A
  COMMARFOR CND MSG ON REQUIRED SECURITY CONFIGURATIONS FOR REMOTE
  ACCESS SERVICE (RAS). REF E PROVIDES ADDITIONAL CONFIGURATION
  INFORMATION FOR PDA RAS CONNECTIONS. REF F IS A DOD MEMORANDUM ON THE
  USE AND PROTECTION OF PORTABLE COMPUTING DEVICES.  REF G IS A DOD
  DIRECTIVE THAT DESCRIBES SECURITY REQUIREMENTS ASSOCIATED WITH     
      AUTOMATED INFORMATION SYSTEMS.//
  POC/ELAINE CASSARA/GS-14/HQMC C4/-/TEL:DSN 223-3490/COMM:
  703-693-3490/EMAIL:CASSARAES@HQMC.USMC.MIL//
  RMKS/1. PURPOSE. THIS MSG ESTABLISHES INTERIM MARINE CORPS POLICY ON
  THE USE OF PERSONAL ELECTRONIC DEVICES (PEDS). PEDS INCLUDE PERSONAL
  DIGITAL ASSISTANTS (PDAS), PALMTOPS, HAND-HELD COMPUTERS, CELL PHONES
  , TWO-WAY PAGERS, WIRELESS E-MAIL DEVICES, AND AUDIO AND VIDEO
  RECORDING DEVICES.  THE MARINE CORPS INFORMATION TECHNOLOGY STEERING
  GROUP (ITSG) HAS APPROVED THIS POLICY.  THIS POLICY WILL BE UPDATED
  COMMENSURATE WITH EMERGING PED TECHNOLOGY.
  2. BACKGROUND. PEDS ARE RAPIDLY GAINING IN POPULARITY AND USAGE
  WITHIN MARINE CORPS ORGANIZATIONS AS A TOOL FOR COMMUNICATIONS,
  ORGANIZING AND MANAGING TASKS, CALENDARS AND POC LISTS. THE
  CAPABILITIES OF THESE DEVICES, AND THEIR POTENTIAL USE IN OR AROUND
  AREAS WHERE CLASSIFIED OR SENSITIVE INFORMATION MAY BE DISCUSSED OR
  PROCESSED, CREATE NEW RISKS OF WHICH LEADERS AND USERS MUST BE MADE
  AWARE.
  3. SCOPE.  THIS POLICY APPLIES TO ALL PEDS, WHETHER THEY ARE OWNED BY     
      THE GOVERNMENT, A CONTRACTOR OR BY AN INDIVIDUAL.  IT DOES NOT APPLY
  TO THOSE DEVICES THAT ONLY HAVE THE ABILITY TO RECEIVE COMMERCIAL RF
  BROADCASTS OR THAT ONLY PLAY PRERECORDED MEDIA. THIS POLICY IS
  EFFECTIVE IMMEDIATELY.
  4. DISCUSSION. STATE OF THE ART PEDS INCREASINGLY HAVE WIRELESS
  TELECOMMUNICATIONS CAPABILITIES THAT OFFER TREMENDOUS ADVANTAGES FOR
  GOVERNMENT USERS.  HOWEVER, THE TECHNOLOGY ASSOCIATED WITH PEDS IS
  ADVANCING AT SUCH A RAPID PACE THAT KNOWLEDGE OF RELATED
  VULNERABILITIES IS FREQUENTLY INSUFFICIENT OR INADEQUATELY
  DISSEMINATED. AS ALWAYS, A BALANCE BETWEEN SECURITY AND FUNCTIONALITY
  IS REQUIRED IOT MAXIMIZE THE BENEFITS DERIVED FROM PEDS WHILE
  PRESERVING THE ABILITY TO CONDUCT SECURE DISCUSSIONS, MEETINGS, AND
  COMMUNICATIONS.   ACCORDINGLY, THIS POLICY ESTABLISHES A DECISION
  FRAMEWORK DESIGNED TO ENABLE THE MARINE CORPS ENTERPRISE NETWORK
  (MCEN) DESIGNATED APPROVING AUTHORITY (DAA) AND ISSOS TO CAPITALIZE
  ON THESE EMERGING CAPABILITIES WHILE UNDERSTANDING THE ASSOCIATED
  VULNERABILITIES AND MANDATING PRUDENT SECURITY MEASURES WHERE     
      NECESSARY. REF A HIGHLIGHTS MULTIPLE PED VULNERABILITIES AND AN
  EXTRACT IS PROVIDED BELOW FOR BACKGROUND INFORMATION.  ADDITIONAL PED
  VULNERABILITY INFORMATION MAY BE FOUND AT
  WWW.MARFORINO.USMC.SMIL.MIL.
       A. THE INTRODUCTION OR USE OF PEDS IN AREAS WHERE CLASSIFIED
       INFORMATION MAY BE DISCUSSED OR PROCESSED SHOULD BE CAREFULLY
       MANAGED AND CONTROLLED.  IN ORDER TO INCREASE FUNCTIONALITY AND
       USER CONVENIENCE, TODAY'S PEDS INCLUDE BUILT-IN FEATURES SUCH AS
       INFRARED (IR), RADIO FREQUENCY (RF), AND TELEPHONE MODEM
       COMMUNICATIONS CAPABILITIES.  THESE SAME FEATURES, WHICH ARE
       IMPLEMENTED TO ALLOW EASY CONNECTIVITY BETWEEN A PED AND OTHER
       DEVICES FOR PERFORMING DATA EXCHANGES, ALONG WITH THEIR EXPANDED
       MEMORY AND PROCESSING ABILITY, CREATE NEW AVENUES FOR POTENTIAL
       ATTACKS.  ATTEMPTS TO TEMPORARILY DISABLE THESE FEATURES BY
       EXTERNAL MEANS MAY NOT ACTUALLY BE SOLUTIONS AND, IN SOME CASES,
       MAY EVEN INCREASE RISK FROM THE ASSOCIATED VULNERABILITIES.      
           SOME OF THE FEATURES THAT POSE THE GREATEST RISK TO INFORMATION
       OR INFORMATION SYSTEMS IN A CLASSIFIED ENVIRONMENT WHICH MAY NOT
       BE FAMILIAR TO USERS INCLUDE:
            1) IR COMMUNICATIONS CAPABILITY.  SIMPLY COVERING THE IR
            EMITTER/DETECTOR WITH AN OPAQUE COVERING IS NOT ADEQUATE
            DUE TO VARIABILITY IN EFFECTIVENESS AND AN INABILITY TO
            READILY DETERMINE THE CHARACTERISTICS OF THE COVERING BY
            SIMPLE VISUAL INSPECTION.  SINCE MOST, IF NOT ALL, UNITS
            ARE CAPABLE OF BOTH SENDING AND RECEIVING WITHOUT
            INDICATION TO THE USER, THIS FEATURE POSES A HIGH SECURITY
            RISK, AND SHOULD ALWAYS BE DISABLED AS A DEFAULT MEASURE.
            AN APPROVED METHOD OF DISABLING THE IR CAPABILITY IS TO
            COVER THE IR PORT WITH METAL TAPE.
            2) WIRELESS RF COMMUNICATIONS CAPABILITY. THIS CAPABILITY
            IS NORMALLY PROVIDED IN ONE OF TWO WAYS: WIRELESS LOCAL
            AREA NETWORK (LAN), OR CELL-PHONE TYPE MEDIUM-SPEED DATA     
                ACCESS.  THE FREQUENCY RANGES OF THESE TWO SYSTEMS DIFFER,
            AS DO THE DATA RATES AND THEREFORE THE QUANTITY OF DATA
            THAT CAN BE TRANSMITTED AND RECEIVED IN A GIVEN PERIOD OF
            TIME.  IN BOTH CASES, THE DATA HANDLING CAPABILITIES ARE
            NONTRIVIAL AND PRESENT A SECURITY RISK. REMOVAL OF THE
            ANTENNA IS NOT A SUITABLE COUNTERMEASURE TO ELIMINATE RF
            OPERATIONS, SINCE SOME SYSTEMS CAN COMMUNICATE WITH THE
            ANTENNA PHYSICALLY REMOVED.  ADDITIONALLY, IN SOME CASES,
            REMOVAL OF THE ANTENNA REQUIRES THE ANTENNA TO BE RAISED,
            WHICH ACTIVATES THE RF TRANSMITTER.  SOUND OPSEC PROCEDURES
            MUST BE ADHERED TO WHEN USING THIS TYPE OF DEVICE.
       B. THE FOLLOWING AREAS ALSO CAUSE FAMILIAR SECURITY CONCERNS IN
       PEDS AND NEED TO BE RECOGNIZED AND HANDLED CONSISTENT WITH
       EXISTING SECURITY POLICIES AND PROCEDURES:
            1) REMOVABLE STORAGE MEDIA.  MANY NEWER DEVICES USE
            REMOVABLE STORAGE MEDIA OF CONSIDERABLE CAPACITY IN BOTH     
                SOLID-STATE (E.G., FLASH MEMORY) OR MINIATURE VERSIONS OF
            COMMON STORAGE EXEMPLIFIED BY IBM'S 1 GB "MICRODRIVE"
            TECHNOLOGY.  ANY SECURITY ISSUES ASSOCIATED WITH FLOPPY
            DISKETTES IN PRESENT TECHNOLOGY ARE ALSO EXHIBITED IN THE
            PED ARENA WITH REMOVABLE STORAGE.  PED STORAGE DEVICES ARE
            MUCH SMALLER AND EASIER TO CONCEAL THAN FLOPPY DISKETTES.
            2) REMOVABLE PERIPHERAL/EXPANSION DEVICES (E.G., PC CARD/
            PCMCIA AND SMART CARD DEVICES).  MANY EXPANSION CARDS IN
            THIS CATEGORY HAVE INDEPENDENT PROCESSING CAPABILITY FROM
            THE HOST EQUIPMENT AND THEREFORE MAY CREATE VULNERABILITIES
            EVEN WHERE NONE ARE PRESENT IN THE HOST UNIT.
            3) AUDIO RECORDING CAPABILITY.  VULNERABILITIES FROM THIS
            CAPABILITY SHOULD BE WELL UNDERSTOOD AND APPRECIATED.
            4) EASE OF UPGRADE AND AVAILABILITY OF AN EXTENSIVE LIBRARY
            OF PROGRAMS HAVE ALLOWED USERS TO HAVE ACCESS TO SOFTWARE
            FEATURES SUCH AS OS EXTENSIONS, UTILITIES, AND BUILT-IN     
                FEATURES.  THESE PROGRAMS WERE CREATED TO ALLOW USERS TO
            CONFIGURE THEIR PED TO THEIR LIKING, BUT ALSO ALLOWS EASY
            STAGING OF ATTACKS.
            5) CONNECTIVITY OF EXTERNAL DEVICE APPLICATIONS SUCH AS
            EXTERNAL MODEMS, IR HUBS, OR IR TEXT SCANNERS. EXTERNAL
            MODEMS LEFT CONNECTED TO A PHONE SYSTEM, WHETHER LIVE OR
            IDLE, MAY ALLOW A COVERT CONNECTION TO AN EXTERNAL SOURCE.
            CONNECTIONS TO A PHONE NETWORK SHOULD NEVER BE LEFT
            UNATTENDED. IR HUBS MAY OPEN AN EASY ROUTE OF ATTACK.  PEDS
            AND OTHER DEVICES SHOULD NOT BE LEFT CONNECTED VIA IR FOR
            EXTENDED PERIODS OF TIME AS AN EXTERNAL PARTY COULD GAIN
            ACCESS REMOTELY. PORTABLE TEXT SCANNERS, IF USED
            DECEPTIVELY, COULD ALLOW REMOTE ENTRY OF ATTACK PROGRAMS.
            CARE SHOULD BE TAKEN TO NOT ONLY GUARD AGAINST UNAUTHORIZED
            ACCESS TO A PED, BUT ALSO DEVICES WHICH MAY CONNECT OR
            DOWNLOAD VIA IR.
            6) TECHNIQUES EXIST THAT PERMIT AN ADVERSARY TO CAPTURE     
                WHAT IS DISPLAYED ON THE PED SCREEN FROM GREATER THAN
            EXPECTED DISTANCES.  USERS ARE CAUTIONED NOT TO DISPLAY
            SENSITIVE DATA ON THEIR PED WHEN IN THE VICINITY OF
            UNTRUSTED PARTIES OR FACILITIES.
            7) EMPTY PED CRADLES, WHEN ATTACHED TO A USERS PC, CAN BE
            USED TO CLONE A PED.  CARE SHOULD BE TAKEN TO PHYSICALLY
            SECURE A PED CRADLE WHEN NOT IN USE.
       C. APPROPRIATE PHYSICAL SECURITY GUIDELINES AND PROCEDURES FOR
       THE USE OF PEDS ARE OF PARAMOUNT IMPORTANCE. THE RISK OF
       COMPROMISING CLASSIFIED OR SENSITIVE INFORMATION, RESULTING
       FROM A PERSON LOSING THEIR PED TO AN ADVERSARY, IS HIGH.  WHEN
       PEDS ARE PERMITTED WITHIN SECURE SPACES, AN ENORMOUS AMOUNT OF
       TRUST IS PLACED ON THE USER TO PROVIDE PHYSICAL SECURITY FOR
       THE DEVICE.  CONTAINED WITHIN THE PED ARE ALL THE COMPONENTS
       NEEDED FOR A SOPHISTICATED REMOTELY ACTIVATED SURVEILLANCE
       DEVICE.  IF AN ADVERSARY GAINED ACCESS TO THE PED FOR AS LITTLE     
           AS THIRTY MINUTES, IT COULD BE RECONFIGURED TO COLLECT, PROCESS,
       STORE, AND RETRANSMIT CLASSIFIED OR SENSITIVE DATA FROM WITHIN
       THE SECURE SPACE.
  5. POLICY. THE USE OF PEDS WITHIN THE MARINE CORPS WILL BE IN
  ACCORDANCE WITH THE FOLLOWING:
       A. REF B AND MCO 5510.19, WHICH IS CURRENTLY BEING STAFFED FOR
       SIGNATURE.
       B. MARINE CORPS POLICY ON THE USE OF COMMERCIAL E-MAIL SERVICES
       AS SET FORTH IN REF C.  THIS POLICY PROHIBITS THE USE OF
       COMMERCIAL E-MAIL SERVICES FOR THE STORAGE OR TRANSFER OF
       OFFICIAL E-MAIL OR DATA FILES. PALM.NET WOULD QUALIFY AS AN
       EXAMPLE OF ONE SUCH SERVICE.
       C. CLASSIFIED SPACES. PEDS INTRODUCE A HIGH LEVEL OF RISK TO
       CLASSIFIED NETWORKS AND INFORMATION.  THEREFORE PEDS WITH RF /
       WIRELESS CAPABILITIES ARE NOT AUTHORIZED IN VAULTS, SECURE ROOMS
       OR OTHER AREAS WHERE THE PRIMARY TYPE OF DATA BEING PROCESSED,
       STORED OR DISCUSSED IS CLASSIFIED.  PEDS WITH IR CAPABILITIES
       MUST HAVE THE IR PORTS COVERED WITH METAL TAPE AND AUDIO AND     
           VIDEO RECORDING CAPABILITIES MUST BE DISABLED PRIOR TO PEDS
       BEING ALLOWED INTO CLASSIFIED WORKSPACES.
       D. UNCLASSIFIED SPACES. THE USE OF PEDS IN UNCLASSIFIED SPACES
       OFFERS TREMENDOUS BENEFITS TO OPERATIONS BUT CARE MUST BE TAKEN
       TO ENSURE APPROPRIATE SAFEGUARDS ARE ESTABLISHED TO PROPERLY
       PROTECT SENSITIVE BUT UNCLASSIFIED (SBU) INFORMATION AND
       SYSTEMS.  THEREFORE:
            1) INTRODUCTION AND USE OF PEDS IN LOCATIONS WHERE SBU
            INFORMATION IS STORED, PROCESSED OR DISCUSSED IS AUTHORIZED
            WHEN APPROVED BY THE DAA.
            2) USERS MAY TRANSMIT AUTHORIZED PROGRAMS AND INFORMATION
            BETWEEN TRUSTED PED DEVICES EXCEPT WHEN SUCH TRANSMISSION
            MAY RESULT IN A COMPROMISE OF THE TRANSFERRED INFORMATION.
            REFER TO REF A AND WWW.MARFORINO.USMC.SMIL.MIL FOR
            ADDITIONAL INFORMATION REGARDING THIS VULNERABILITY.
            3) AUDIO AND VIDEO RECORDING DEVICES WILL BE DISABLED PRIOR
            TO THE PED BEING ALLOWED INTO THESE LOCATIONS.    
           E. PED TO NETWORK CONNECTION.
            1) PEDS WILL ONLY BE CONNECTED TO UNCLASSIFIED GOVERNMENT
            COMPUTERS AT LOCATIONS DESIGNATED AND APPROVED BY THE
            COMMAND ISSO.
            2) ONLY GOVERNMENT OWNED AND ISSUED PEDS THAT HAVE BEEN
            CERTIFIED AND ACCREDITED ARE AUTHORIZED TO CONNECT TO THE
            MCEN.  CONTRACTOR OR PRIVATELY OWNED PEDS ARE NOT
            AUTHORIZED TO CONNECT TO THE MCEN.  PED CONNECTIONS TO THE
            MCEN INCLUDE DIAL-UP CONNECTIONS, ETHERNET CONNECTIONS,
            WIRELESS CONNECTIONS, CONNECTIONS VIA INFRARED PORTS AND
            HOT SYNCHING VIA A MCEN-CONNECTED PC.
            3) ONLY GOVERNMENT PED VERSIONS THAT HAVE ACHIEVED FIPS
            140-1 VALIDATION FOR DATA ENCRYPTION ARE AUTHORIZED TO
            ESTABLISH WIRELESS CONNECTIONS TO THE MCEN.
            4) USE OF PED MODEMS WHILE THE PDA IS CONNECTED TO A
            NETWORKED COMPUTER IS NOT AUTHORIZED. THE ESTABLISHMENT OF
            ANY OTHER TYPE OF "BACKDOOR" TO THE MCEN IS NOT AUTHORIZED.    
                5) TO PREVENT THE PROLIFERATION OF TROJAN HORSE PROGRAMS
            AND COMPUTER VIRUSES, GOVERNMENT OWNED PEDS WILL NOT BE
            CONNECTED AT ANY TIME TO PERSONALLY OWNED COMPUTER
            EQUIPMENT (I.E. 'HOTDOCKING' BETWEEN GOVERNMENT AND
            NON-GOVERNMENT OWNED COMPUTERS).
       F. SOFTWARE.
            1) ONLY HQMC CIO APPROVED SOFTWARE IS AUTHORIZED FOR USE ON
            GOVERNMENT OWNED PEDS.  AN APPROVED SOFTWARE LIST WILL BE
            AVAILABLE VIA THE CIO WEB PAGE IN THE NEAR FUTURE.
            2) APPROVED SOFTWARE WILL ONLY BE DOWNLOADED FROM
            AUTHORIZED SITES.  A LIST OF AUTHORIZED SITES WILL ALSO BE
            AVAILABLE ON THE CIO WEB PAGE IN THE NEAR FUTURE.
       G. STORED INFORMATION.  USERS MUST EXPECT THAT ANY INFORMATION
       STORED ON A PED WILL BE SUBJECT TO EXPOSURE, THEREFORE:
            1) ONLY UNCLASSIFIED INFORMATION NOT REQUIRING PROTECTION
            MAY BE ENTERED, PROCESSED, STORED, OR TRANSMITTED ON PEDS.
            2) PASSWORDS, COMBINATIONS, PINS AND OTHER FORMS OF USER     
                IDENTIFICATION SHALL NOT BE SAVED ONTO A PED.
            3) DATA EXCHANGE VIA THE INFRA RED (IR) PORT SHOULD BE
            LIMITED TO KNOWN, TRUSTED, GOVERNMENT DEVICES.
       H. REMOVABLE STORAGE MEDIA, PERIPHERAL AND EXPANSION DEVICES.
            1) REMOVABLE MEDIA WILL BE HANDLED ACCORDING TO EXISTING
            POLICIES AND PROCEDURES FOR DOCUMENT HANDLING.
            2) ONLY CERTIFIED AND ACCREDITED REMOVABLE PERIPHERAL/
            EXPANSION DEVICES ARE AUTHORIZED FOR USE WITH PEDS.
  6. ACTION.
       A. MARCORSYSCOM IN CONJUNCTION WITH THE MITNOC WILL:
            1) DEVELOP SECURITY CRITERIA AND EVALUATE PRODUCT
            CREDIBILITY.
            2) PERFORM SECURITY TESTS ON TRIAL PRODUCTS WHEN POSSIBLE.
            3) ESTABLISH A MARINE CORPS ENTERPRISE SOLUTION FOR THE
            PROCUREMENT, FIELDING, AND USE OF PEDS.
            4) PROVIDE HQMC (C4) WITH PRODUCT RECOMMENDATIONS FOR
            INCLUSION ON THE APPROVED PED PRODUCTS LIST.
            5) CERTIFY AND ACCREDIT APPROVED PED HARDWARE, SOFTWARE,     
                AND PERIPHERALS.
            6) PROVIDE CERTIFICATION AND ACCREDITATION DOCUMENTATION TO
            MARINE CORPS COMMANDS IN SUPPORT OF PED FIELDING.
            7) RECOMMEND SOFTWARE DOWNLOAD SITES.
       B. HQMC C4/CP WILL:
            1) APPROVE RECOMMENDED PED PRODUCTS.
            2) PUBLISH A LIST OF PED HARDWARE, SOFTWARE, AND PERIPHERAL
            DEVICES APPROVED FOR MARINE CORPS USE.
            3) PUBLISH A LIST OF APPROVED SOFTWARE DOWNLOAD SITES.
            4) UPDATE THIS POLICY AS REQUIRED TO ADDRESS EMERGING
            PRODUCTS, VULNERABILITIES, AND RISK MITIGATION MEASURES.
       C. COMMANDING OFFICERS WILL:
            1) ENSURE COMMAND COMPLIANCE WITH THE ABOVE POLICY.
            2) ENSURE THAT AUTHORIZED PED CONNECTION POINTS ARE
            DESIGNATED FOR NETWORKS UNDER THEIR PURVIEW.
            3) ENSURE NETWORK ACCREDITATION AND CERTIFICATION
            DOCUMENTATION IS UPDATED TO REFLECT THE ADDITION OF PED
            CONNECTION POINTS.
            4) ENSURE THAT THE COMMAND ESTABLISHES AND IS PREPARED TO     
                IMPLEMENT PROCEDURES TO ISOLATE OR DISCONNECT PED
            CONNECTION POINTS FROM THE NETWORK AS A DEFENSIVE MEASURE
            THAT MAY BE DIRECTED BY MARFORINO.
            5) ENSURE PED RELATED ACTIONS HEREIN ARE INCORPORATED INTO
            COMMAND INFORMATION ASSURANCE TRAINING (BOTH INITIAL AND
            RECURRING).
            6) ENSURE PROCEDURES ARE ESTABLISHED AND PRACTICED ENSURING
            GOVERNMENT INFORMATION IS NOT EXPOSED TO UNAUTHORIZED
            ACCESS OR DISCLOSURE.
            7) ENSURE THAT PEDS PREVIOUSLY PURCHASED WITHIN THEIR
            COMMANDS ARE LOGGED INTO A MINOR PROPERTY ACCOUNTING
            SYSTEM.  AS PER REFS F AND G, ALL GOVERNMENT OWNED/
            PURCHASED PEDS WILL BE ASSIGNED TO AN INDIVIDUAL, BY NAME
            AND ORGANIZATION, AND WILL BE TRACKED AS PART OF THE
            ORGANIZATIONAL INVENTORY.
            8) FOR PEDS ISSUED BY OTHER MILITARY COMMANDS, ENSURE THAT
            THE DEVICE IS LOGGED INTO THE MINOR PROPERTY ACCOUNTING
            SYSTEM BEFORE IT CAN BE CONNECTED TO THE MCEN OR USED TO     
                PROCESS, STORE AND/OR TRANSMIT.
            9) ENSURE THAT PEDS AND/OR HOT SYNCH CRADLES PREVIOUSLY
            PURCHASED ARE RETURNED TO THE COMMAND RESPONSIBLE OFFICER
            (RO) PRIOR TO THE INDIVIDUAL DEPARTING THE COMMAND.  PER
            REF F, ALL GOVERNMENT OWNED/PURCHASED PEDS WILL BE CLEARED
            OF ALL DATA AND INSPECTED TO ENSURE ALL INFORMATION HAS
            BEEN COMPLETELY REMOVED PRIOR TO REASSIGNMENT OF THE DEVICE
            TO ANOTHER USER.
  7. UNTIL HQMC PROVIDES AN APPROVED MARINE CORPS PED PRODUCTS LIST,
  COMMANDS MAY CONTINUE TO USE COMMAND OWNED PEDS FOR THE FOLLOWING
  ACTIVITIES:
       A. REMOTE DIAL-IN IN ACCORDANCE WITH REFS D AND E.
       B. NON-NETWORK CONNECTED USE IN UNCLASSIFIED AREAS WHERE
       DESIGNATED BY A DAA.
       C. HOT-SYNCHING WITH GOVERNMENT COMPUTERS AT APPROVED LOCATIONS.
       D. IR TRANSFER OF FILES AND PROGRAMS WITH OTHER UNCLASSIFIED
       GOVERNMENT PEDS OR COMPUTERS.
  8. GOVERNMENT OWNED PEDS WITH NO WIRELESS/RF CAPABILITY THAT WERE
  PURCHASED PRIOR TO THE RELEASE OF THIS POLICY MESSAGE WILL CONTINUE     
      TO BE ALLOWED TO CONNECT TO THE MCEN IAW THE GUIDELINES SET FORTH IN
  THIS POLICY.
  9. FAST MOVING INFORMATION TECHNOLOGY REQUIRES CAREFUL ATTENTION TO
  ENSURE THE INTEGRITY OF THE MCEN.  ADDITIONAL GUIDANCE AND DIRECTION
  FOR THE SAFE USE OF PEDS WILL BE PUBLISHED AS NECESSARY TO ENSURE THE
  INTEGRITY, AVAILABILITY, AND CONFIDENTIALITY OF THE MCEN.
  10. REQUEST WIDEST DISSEMINATION OF THIS MSG.
  11. POC FOR POLICY QUESTIONS IS MS ELAINE CASSARA, DSN 233-3490,
  COMM 703-693-3490.  TECHNICAL INQUIRIES SHOULD BE DIRECTED TO THE
  MITNOC HELP DESK AT DSN 278-5300, COMM 703-784-5300, OR UNCLAS E-MAIL
  HELPDESK@NOC.USMC.MIL.//
  BT