Risk
8/6/2009
05:04 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Marine Corps Bans Social Media On Military Network

Wrestling with the changing nature of online communication and the need for operational security, the Marine Corps wants to formalize procedures for access to social sites on its network.

The U.S. Marine Corps on Monday issued a directive banning access to Internet social networking sites on the Marine Corps Enterprise Network because such sites represent a security risk.

Marine administrative message 458/09 says that social networking sites like Facebook, MySpace, and Twitter "are a proven haven for malicious actors and content and are particularly high risk due to information exposure, user generated content and targeting by adversaries."

Social networking sites create vulnerabilities that can be exploited and may expose unnecessary information to adversaries, putting military personnel at increased risk of compromise, the directive says.

The ban does not cover access to social networking sites though non-military networks. And to correct any misapprehension about that point, the Marine Corps Office of Public Affairs subsequently issued a clarification.

Marine administrative message 458/09, titled "Immediate Ban Of Internet Social Networking Sites (SNS) On Marine Corps Enterprise Network (MCEN) NIPRNET," "does not limit Marines' access to social networking sites," the Marine Corps statement insists. "Even before this message, sites such as YouTube, Facebook, MySpace and Twitter could not be accessed by Marines using the Marine Corps Enterprise Network in accordance with Marine Corps and Department of the Navy policies."

The Marine Corps says that many military organizations currently make use of social media through alternative Internet service providers. The point of the directive is to establish a formal waiver process for those who require access to social networking sites through the MCEN.

The Marine Corps statement goes on to encourage military personnel to tell their stories using social media, but to do so using personal accounts and their own ISPs while keeping operational security requirements and standards of behavior in mind at all times.

The Marine Corps has an official presence on a variety of social media sites, including Facebook, Flickr, Twitter, and YouTube.

There's a big buzz surrounding Government 2.0 -- the revolution that's bringing the principles and value of the Web as a platform to the business of governing. Attend Gov 2.0 Expo Showcase and hear innovators show how this is really happening. At the Washington Convention Center, Sept. 8. Find out more and register.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Cartoon
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-3304
Published: 2014-10-30
Directory traversal vulnerability in Dell EqualLogic PS4000 with firmware 6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the default URI.

CVE-2013-7409
Published: 2014-10-30
Buffer overflow in ALLPlayer 5.6.2 through 5.8.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a .m3u (playlist) file.

CVE-2014-3446
Published: 2014-10-30
SQL injection vulnerability in wcm/system/pages/admin/getnode.aspx in BSS Continuity CMS 4.2.22640.0 allows remote attackers to execute arbitrary SQL commands via the nodeid parameter.

CVE-2014-3584
Published: 2014-10-30
The SamlHeaderInHandler in Apache CXF before 2.6.11, 2.7.x before 2.7.8, and 3.0.x before 3.0.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted SAML token in the authorization header of a request to a JAX-RS service.

CVE-2014-3623
Published: 2014-10-30
Apache WSS4J before 1.6.17 and 2.x before 2.0.2, as used in Apache CXF 2.7.x before 2.7.13 and 3.0.x before 3.0.2, when using TransportBinding, does properly enforce the SAML SubjectConfirmation method security semantics, which allows remote attackers to conduct spoofing attacks via unspecified vect...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.