Mission Debrief: Removable Media
Removable Media, PEDs, and Mobile Devices
Removable media include flash media, such as thumb drives, memory sticks, and flash drives; external hard drives; optical discs (such as CDs, DVDs, and Blu-rays); and music players (such as iPods). Other portable electronic devices (PEDs) and mobile computing devices, such as laptops, fitness bands, tablets, smartphones, electronic readers, and Bluetooth devices, have similar features. The same rules and protections apply to both.
Risks Associated with Removable Media
The risks associated with removable media include:
- Introduction of malicious code
- Compromise of systems’ confidentiality, availability, and/or integrity
- Spillage of classified information
Potential consequences:
- Shutdown of systems
- Compromise of information, systems, programs, and/or assets
- Loss of mission
- Loss of life
Approved and Prohibited Devices
Your organization may severely restrict or prohibit the use of removable media and PEDs. Follow your organization’s policies or contact your security POC with questions.
- Use only removable media approved by your organization
- Only use flash media or other removable storage when operationally necessary, owned by your organization, and approved by the appropriate authority in accordance with policy
- Do not use any personally owned/non-organizational removable media on your organization’s systems
- Do not use your organization’s removable media on non-organizational/personal systems
- Never plug unauthorized devices into a government system
- Be aware that wireless connections to the devices bring increased threats and vulnerabilities
- Abide by the signed End User License Agreement for mobile devices
- Understand and follow your organization’s Bring Your Own Approved Device (BYOAD) policy
Appropriate Use of Removable Media
If your organization allows it, use removable media and PEDs appropriately:
- Do not download data from the classified networks onto removable storage media
- Encrypt data appropriately and in accordance with its classification or sensitivity level
- As a best practice, label all removable media regardless of classification or environment and avoid inserting removable media with unknown content into your computer
- Store according to the appropriate security classification in GSA-approved storage containers
- Mark all classified and sensitive material correctly
- Ensure unclassified media in a classified environment is labeled appropriately
- Label all media containing Privacy Act information, personally identifiable information (PII), or protected health information (PHI) appropriately regardless of environment
- Follow your organization’s policy for sanitizing, purging, discarding, and destroying removable media
- Destroy classified removable media in accordance with its classification level
SCIFs and Removable Media
When using removable media in a SCIF:
- Users must properly identify and disclose removable media with local Configuration/Change Management (CM) Control and Property Management authorities
- Users shall comply with site CM policies and procedures
- Media shall display a label inclusive of maximum classification, date of creation, POC, and CM Control Number
Accessibility
Section 508 of the Rehabilitation Act of 1973, as amended (29 U.S.C. § 794d) requires Federal departments and agencies to provide people with disabilities equal access to Federal electronic and information technology. The Information and Communications Technology (ICT) Final Standards and Guidelines (36 CFR Parts 1193 and 1194), effective as of 18 January 2018, addresses accessibility requirements covered by Section 508. The functional performance criteria (36 CFR Part 1194, Appendix C) require that information and communication technology provide:
-
At least one mode of operation for individuals who have:
- Sight impairment, including no vision, limited vision, and no perception of color (302.1-3)
- Hearing impairment, including no hearing and limited hearing (302.4-5)
- Speech impairment, including no speech (302.6)
- Mobility impairment, including limited manipulation and limited reach and strength (302.7-8)
- Features that make use simpler and easier for individuals with limited cognitive, language, and learning abilities (302.9)
DISA is proud to offer online training that is accessible to everyone, including individuals with disabilities. DISA tested this course for conformance with Level A and Level AA success criteria defined by the Web Content Accessibility Guidelines (WCAG) 2.0 (36 CFR Part 1194, Appendix A, E205.4), as well as compatibility with the popular screen reader JAWS. This course also offers several additional functions that offer alternative access to onscreen content.
All onscreen controls can be accessed without a mouse. Select Keyboard Navigation from the menu to learn more.
Audio descriptions of video and animated elements on screen are integrated into the main audio track where the narration is not otherwise sufficient to describe them. To access audio descriptions, select the AD button on the toolbar.
Audio can be read either through synchronized closed captioning or through a transcript of all the audio on a screen, contained within a pop-up browser window. To turn on closed captioning, select the CC button on the toolbar. To access a transcript of the current screen’s audio, select the Transcript button on the toolbar.
Speech is not required for this course.
This course offers flexibility to suit individual learning needs and styles. The course communicates information via auditory, visual, and written means. The course’s accessibility functions may also be used to transform auditory communication into written communication via closed captioning or the transcript, and to transform visual communication into auditory communication via the audio descriptions and/or a screen reader. In addition, the course is self-paced, allowing the opportunity to pause, review, and repeat information for as long as necessary to ensure understanding.
Help
| Name | Description |
|---|---|
| Menu | Select the MENU to access additional options and settings. |
| Dashboard | Select DASHBOARD from the Menu to return to the Challenge dashboard. |
| Tools Status | Select TOOLS STATUS from the Menu to view the status of the tools available to collect. |
| Information | Select INFORMATION from the Menu to view information about the Challenge. |
| Glossary | Select GLOSSARY from the menu to view the Challenge glossary. |
| Resources | Select RESOURCES from the menu to view additional Challenge-related resources. |
| Tutorial | Select TUTORIAL from the menu to play the Challenge tutorial. |
| Accessibility | Select ACCESSIBILITY from the menu to view accessibility information. |
| Keyboard Navigation | Select KEYBOARD NAVIGATION for keyboard controls for navigating the Challenge. |
| Media Settings | Select MEDIA SETTINGS to select options for the playback of multimedia in the Challenge. |
| System Specifications | Select SYSTEM SPECIFICATIONS to view the system specifications with which the Challenge is compatible. |
| Help | Select HELP for assistance with navigation. |
| Exit | Select EXIT to leave the Challenge. The next time you access the Challenge, you will be returned to the Dashboard. |
| Audio Transcript | Select TRANSCRIPT to display the entire narration script for the screen in a separate window. |
| Audio Description | Select AUDIO DESCRIPTION to toggle integrated audio descriptions of multimedia content on or off. |
| Closed Captioning | Select CLOSED CAPTIONING to toggle synchronized closed captioning of audio narration on or off. |
| Pause/Resume | Select PAUSE to stop the current play. To resume the audio and screen animation, select PLAY. |
| Play Head Control | Drag the play head back and forth or use the directional arrows provided at either end of the bar to jump backward or forward in the screen audio and animation. |
| Replay | Select REPLAY to restart the current screen from the beginning. |
| Next | Select NEXT to move to proceed forward through the Challenge. |
Information
Purpose:
Provide initial and annual refresher training on DoD cybersecurity policies and best practices.
Note that the examples provided in this course are created for training purposes only and do not endorse a commercial entity or its products or services.
Audience:
All authorized users of DoD information systems, including civilian and military employees and contractors both within the U.S. and deployed overseas, as well as members of the Intelligence Community (IC).
Estimated Duration:
70 minutes
Course Objectives:
-
Identify high-risk actions to avoid and best practices to use to keep
DoD, IC, and personal information and information systems secure
- Identify cybersecurity and why it is important
- Identify the different types of information and the requirements to protect each content type
- Identify the different forms and methods of cyber attacks
- Identify the types of technologies that are particularly vulnerable to attacks
Keyboard Navigation
The first interactive object on each screen is the “Skip to Content” button. Select this button to bypass the top navigation menu and shift focus to the content area of the current screen.
Interact with course controls and review course content with the following keys:
- Tab: cycles forward through each interactive element
- Shift + Tab: cycles backward through each interactive element
- Enter: activates the selected interactive element
- Spacebar: selects a checkbox when multiple selections are permitted
- Up and Down arrows: selects one radio button when a single selection is permitted
- Up and Down arrows when using JAWS: reads each line of text
After the screen content, there will be a “Skip Navigation” button. Select this button to bypass the bottom navigation menu and shift focus to the “Done” button.
Each course menu and navigation feature can also be activated with its respective access key:
- Menu: m
- Skip Back: w
- Pause/Play: p
- Skip Forward: f
- Replay: r
- Closed Captioning: c
- Audio Description: a
- Transcript: t
- Next: n
To use these keys, hold “alt” and select the desired key. Depending on the browser or screen reader, you may need to hold both “alt” and “shift” before selecting the desired key.
Screen Reader Assistance
Most of the visual content on each screen is also conveyed through the audio narration in combination with the provided audio descriptions. To access additional content or to complete a knowledge check, wait for the audio to finish and select “Skip to Content”, then use the down arrow to read the screen, or the tab key to access interactive buttons or controls.
Settings
Menu
Resources
System Specifications
| Component | Compatible, Tested Specifications |
|---|---|
| Operating systems |
Windows 10 and 11 macOS 14 Sonoma Red Hat Enterprise Linux 7.5 |
| Internet browsers |
Microsoft Edge 128 Google Chrome 128 Mozilla Firefox 130 Safari 17.3 |
| Mobile environments |
Apple iPad (8th Generation)
Samsung Galaxy Tab A7
|
| Security | JavaScript enabled |
| Accessibility | JAWS 2024 |
| CPU | >2 GHz |
| RAM | >4 GB |
| Display | Minimum 1024 x 768 resolution with 32-bit color |
| Audio | Speakers or headphones required |
| PDF viewer | Adobe Acrobat Reader 10.0 |
Tools Status
