[ISN] DOD decentralizes Wi-Fi

[InfoSec News]

http://www.fcw.com/fcw/articles/2004/0426/web-wifi-04-26-04.asp

By Frank Tiboni 
April 26, 2004 

The Defense Department's new wireless fidelity policy seeks help from
many of its agencies to ensure their employees and contractors use
caution when operating wireless computer devices at military
installations.

The chief information officer and DOD's Office of Networks and
Information Integration (NI2) oversee and monitor the new Wi-Fi
policy. But the undersecretary of Defense for Intelligence, the
Chairman of the Joint Chiefs of Staff, the U.S. Strategic Command, the
Defense Information Systems Agency and department staff officials all
get roles in the new policy.

It mandates that military and industry officials do not use wireless
devices to store, process and transmit classified information without
approval from the various agencies and department officials. Deputy
Defense Secretary Paul Wolfowitz issued the directive in an April 14
Defense Department directive titled, "Use of Commercial Wireless
Devices, Services, and Technologies in the Department of Defense
Global Information Grid."

Wireless devices include notebook computers with Internet or intranet
communications, personal digital assistants, cellular/personal
communications systems, portable electronic devices, audio and
video-recording machines, messaging and scanning devices and remote
sensors. They do not include Global Positioning System receivers,
receive-only pagers, hearing aids, pacemakers, personal life support
systems or other implanted medical devices, the directive said.

Wolfowitz explained the role of military agencies in enforcing the new
Wi-Fi policy:

* NI2 and CIO: Oversee policy, monitor it and work with military
  agencies to understand and enforce it.

* Undersecretary of Defense for Intelligence: Work with the Defense
  Intelligence Agency, the Defense Security Service and the National
  Security Agency to enforce the policy with employees and contractors
  including regular inspections. NSA officials must also implement a
  capability to assess risks and vulnerabilities with wireless
  devices.

* Chairman of the Joint Chiefs of Staff: Coordinate, develop and
  implement policy and procedures regarding operations between the
  services and department agencies.  * U.S. Strategic Command: Develop
  defensive measures to detect, deter and defeat computer network 
  attacks against military wireless systems.
 
* DISA: Incorporate wireless communications considerations into
  military information assurance efforts.

* OSD Principal Staff Assistants: Ensure procurement of wireless
  technologies include interoperability and security.