Officials Look to Solve Social Network Risks Without Ban
By John J. Kruzel
American Forces Press Service
WASHINGTON, Aug. 6, 2009 As Pentagon officials weigh the benefits and risks of social networking sites such as Twitter and Facebook, they hope to craft a policy that shores up security vulnerabilities without requiring a ban.
Meanwhile, the Marine Corps has clarified its guidelines on social networking, and officials said they would consider the findings gleaned in the Pentagon policy review due out in late September.
Defense officials have said the policy review will attempt to balance the pros of social networking – such as its value for recruiting, public affairs and communication between troops and their families -- against the potential security risks they create, which include violations of operations security, network vulnerability and bandwidth drain.
Asked if the Pentagon is leaning toward a policy that doesn’t require a departmentwide ban, Pentagon spokesman Bryan Whitman replied, “I think certainly it is.”
“We need to do this comprehensive review, determine what the vulnerabilities are, match that against the benefits we receive from being able to use these new tools and capabilities, and then try to establish a policy that will accommodate all of that,” Whitman said in an interview yesterday.
Defense Secretary Robert M. Gates is slated to receive a report on the threats and benefits of Web 2.0 tools before the end of the month, and a departmentwide policy is due in late September. Both Gates and Navy Adm. Mike Mullen, chairman of the Joint Chiefs of Staff, have embraced the new technologies.
The Pentagon’s chief information officer is taking the lead on the review, which was prompted by concerns raised at U.S. Strategic Command, officials said. Stratcom is responsible for overseeing the use of the “dot-mil” network.
For many junior-ranking troops, Youtube, MySpace and Facebook are more than mere diversions; they are the primary means through which young servicemembers communicate with friends and families while on deployments. They also represent avenues for recruiting efforts and dialogue between commanders and military personnel and families, Whitman said.
“So it is a part of our society; it is pervasive,” he said. “But we also have to be mindful that we don’t do things that will impede our ability to do our core missions here.”
Concern for maintaining operations security exists in cyberspace as it does in other social arenas, Whitman said. He added that the military’s operations security training regimen -- which emphasizes practicing security at the source -- also translates to social networking.
“Whether I’m communicating over the Internet or I’m talking to somebody at a local establishment socially,” he said, “I should be mindful of [operations security] and what I say, and whether or not it’s going to compromise any aspect of a military operation.”
In the midst of underlying tension between social networking’s pros and cons, the absence of a standing Defense Department policy has led to differing interpretations of how to mitigate threats, Whitman said.
“It’s an unevenness in the way in which people have applied -- locally -- policies associated with how they have assessed the threat,” he said. “And it reflects the tension that exists between wanting to use these social networking tools and wanting to protect our networks.
“I think that tension … is important for us to resolve at a department level so that commanders have some guidance when they’re looking at how to use these tools, as well as how to protect the networks,” he added.
No departmentwide directives ban the use of social networking and other Web 2.0 applications. But the Marine Corps’ block on social networks underscores the unevenness Whitman described.
Since early 2007, the Corps has blocked Marines from accessing sites such as Twitter, Facebook and YouTube through the Marine network. While Marines at home and abroad may use the sites on nonmilitary networks, only those with a waiver are exempted from the standing policy, Marine Corps officials said.
“Right now, the [Defense Department] has yet to come up with a policy on this,” said Ray Letteer, senior information assurance official for the Marine Corps. “So we … are just maintaining what has been the policy since 2007.”
The Marines this week issued a statement clarifying the service’s policy on social networking sites and spelling out guidelines for obtaining waivers in cases where access to such social networks is essential for a Marine’s military job.
As the Defense Department strives to find the right balance in its policy, the Corps also seeks to find harmony between security concerns and the Web capabilities’ legitimate use.
“We want to balance that security to protect our Marines on the network [and] at the same time start looking into using this new technology, this exciting capability of communication,” Letteer said, “but do it in a way … where we move in smartly, carefully and do it the right way the first time.”
He added that the Marines also will strive to balance the Defense Department’s study results with its own social networking policy.
“As with all directives from the Department of Defense, we will have to adapt and take a look at the impacts on this and be able to execute it in a way that will meet with what the [Defense Department] wants us to do,” Letteer said, “and still, of course, meet our Marine Corps mission.”