Classified Data HandlingClassified Data Handling

By Francesco ScarimboloBy Francesco Scarimbolo

OutlineOutline

Purpose & Overall AuthorityPurpose & Overall Authority Security Clearances - AuthorizationSecurity Clearances - Authorization Security Training & BriefingsSecurity Training & Briefings Classification & MarkingClassification & Marking Safeguarding Classified InformationSafeguarding Classified Information Automated Access Control System Automated Access Control System

Purpose & Overall AuthorityPurpose & Overall Authority Requirements, Restrictions and Safeguards to Requirements, Restrictions and Safeguards to

prevention unauthorized disclosure (Information prevention unauthorized disclosure (Information Assurance Policy)Assurance Policy)

Controlled Disclosure from Government to Controlled Disclosure from Government to ContractorsContractors

The President appointed Secretary of Defense – The President appointed Secretary of Defense – Executive AgentExecutive Agent

The Director, Information Security Oversight The Director, Information Security Oversight Office Implements, Monitors and issues directivesOffice Implements, Monitors and issues directives

Overall Authority – National Industrial Security Overall Authority – National Industrial Security Program (NISP)Program (NISP)• Executive Order 12829, January 6 1993Executive Order 12829, January 6 1993• Executive Order 12958, April 17 1995 – Classified Executive Order 12958, April 17 1995 – Classified

National Security InformationNational Security Information

Security Clearances - AuthorizationSecurity Clearances - Authorization

Facility ClearancesFacility Clearances Personal ClearancesPersonal Clearances

Facility ClearancesFacility Clearances- (FLC) Eligibility Requirements- (FLC) Eligibility Requirements

Must need access to classified information for Must need access to classified information for legitimate U.S. Gov. or foreign requirementlegitimate U.S. Gov. or foreign requirement

Must exist under the laws of any of the 50 Must exist under the laws of any of the 50 states, in D.C., or Puerto Rico, and be located states, in D.C., or Puerto Rico, and be located within the U.S. and its territorial areas or within the U.S. and its territorial areas or possessionspossessions

Must have a reputation for integrity and lawful Must have a reputation for integrity and lawful conduct in business practicesconduct in business practices

Must not be in under foreign ownership, Must not be in under foreign ownership, control, or influence, to the extent that control, or influence, to the extent that granting FCL would be inconsistent with granting FCL would be inconsistent with national interestnational interest

Facility ClearancesFacility Clearances- (FLC) Eligible Requirements - (FLC) Eligible Requirements

(Continued)(Continued) Facility Security Officer (FSO) must Facility Security Officer (FSO) must

be a U.S. Citizen employeebe a U.S. Citizen employee Senior Management and the FSO Senior Management and the FSO

must have a Personal Clearance must have a Personal Clearance (PLC) = FLC(PLC) = FLC

Personal ClearancesPersonal Clearances Single Scope Background Investigation (SSBI) – Single Scope Background Investigation (SSBI) –

Required for Top Secret PCLRequired for Top Secret PCL National Agency Check with Local Check and National Agency Check with Local Check and

Credit Check – Required for Secret and Credit Check – Required for Secret and Confidential PCLConfidential PCL

Polygraph – Agency Dependent, coverage Polygraph – Agency Dependent, coverage expanded upon surfacing concerns in effort to expanded upon surfacing concerns in effort to resolve the issuesresolve the issues

Reciprocity – Previously granted PLC that meets Reciprocity – Previously granted PLC that meets or exceeds current clearance required provides or exceeds current clearance required provides basis without for further investigation unless basis without for further investigation unless significant information wasn’t knownsignificant information wasn’t known

Personal Clearances (Continued)Personal Clearances (Continued)

Contractor Based Clearances – Not Contractor Based Clearances – Not permitted after January 1, 2004permitted after January 1, 2004

Proof Of CitizenshipProof Of Citizenship• Birth Certificate for US bornBirth Certificate for US born• Certificate of NaturalizationCertificate of Naturalization• Certificate of Citizenship by INSCertificate of Citizenship by INS• Birth abroad of a Citizen of USBirth abroad of a Citizen of US• Passport, Current or ExpiredPassport, Current or Expired

Converting PLC to Industrial Converting PLC to Industrial ClearanceClearance

Investigation meets standards for Investigation meets standards for equivalent clearanceequivalent clearance

No More Than 24 Months pass since No More Than 24 Months pass since termination of last investigationtermination of last investigation

No evidence of adverse information exists No evidence of adverse information exists since last investigationsince last investigation

Q access authorization can be converted Q access authorization can be converted to a Top Secret PLCto a Top Secret PLC

L access authorization can be converted to L access authorization can be converted to a Secret PLCa Secret PLC

Security Training & BriefingsSecurity Training & Briefings FSO Training – Should be completed 1 year FSO Training – Should be completed 1 year

of appointment to position of FSOof appointment to position of FSO Classified Information Nondisclosure Classified Information Nondisclosure

Agreement – SF 312Agreement – SF 312 Initial Security BriefingsInitial Security Briefings

• Threat Awareness BriefingThreat Awareness Briefing• Defensive Security BriefingDefensive Security Briefing• Overview of security classification systemOverview of security classification system• Employee reporting obligations and Employee reporting obligations and

requirementsrequirements• Security procedures and duties applicable to Security procedures and duties applicable to

job functionjob function

Classification & MarkingClassification & Marking Top Secret, Secret, Confidential, UnclassifiedTop Secret, Secret, Confidential, Unclassified Terms such as “Official Use only” or “Administratively Terms such as “Official Use only” or “Administratively

Confidential” are not applicable to national security Confidential” are not applicable to national security informationinformation

Original ClassificationOriginal Classification• Falls within categories set by Executive Order 12958Falls within categories set by Executive Order 12958• May cause damage to National Security by itself or with May cause damage to National Security by itself or with

other information – Classification cannot be given other information – Classification cannot be given otherwiseotherwise

• Must State Reason on front pageMust State Reason on front page• Must also set date for duration of classification if possible Must also set date for duration of classification if possible

or marked with an exemption category of “X”or marked with an exemption category of “X”• Viewer must have completed SF 312 and have “Need to Viewer must have completed SF 312 and have “Need to

Know”Know”• Apply the markings as document is being createdApply the markings as document is being created• Preliminary documents must be handled as destroyed as if Preliminary documents must be handled as destroyed as if

it had a classificationit had a classification

Derivative Classification Derivative Classification ResponsibilitiesResponsibilities

Manager at operational level where Manager at operational level where information is being produced or information is being produced or assembled determines classificationassembled determines classification

Employees are responsible for Employees are responsible for marking or challenging the marking or challenging the classification when copying, classification when copying, extracting, reproducing, or extracting, reproducing, or translating a portion of or the totality translating a portion of or the totality of the documentof the document

Challenging the ClassificationChallenging the Classification

Information is classified improperly Information is classified improperly or unnecessarilyor unnecessarily

Current security considerations Current security considerations justify downgrading or upgrading justify downgrading or upgrading classificationclassification• Declassification is not automatically an Declassification is not automatically an

approval for public disclosureapproval for public disclosure Security classification guidance is Security classification guidance is

improper or inadequateimproper or inadequate

Contractor Developed InformationContractor Developed Information

Similar information previously Similar information previously identified as classified retain the identified as classified retain the associated levelassociated level

Novel information the contractor Novel information the contractor believes should be classified, the believes should be classified, the contractor submits it to the contractor submits it to the appropriate agency that would have appropriate agency that would have interest in it for classification interest in it for classification determinationdetermination

Identification & Overall MarkingsIdentification & Overall Markings

Name & Address of Facility responsible for Name & Address of Facility responsible for preparationpreparation

Date of PreparationDate of Preparation Overall marking should be on the front Overall marking should be on the front

cover & back cover (if applicable), top and cover & back cover (if applicable), top and bottombottom

Markings are done by stamped, printed, Markings are done by stamped, printed, etched, written engraved, painted or etched, written engraved, painted or affixed by a adhesive tag (except on affixed by a adhesive tag (except on documents)documents)

Page, Component, & Portion Page, Component, & Portion MarkingMarking

The top and bottom of the page is marked The top and bottom of the page is marked with the highest classification on that pagewith the highest classification on that page

Components such as annex or an Components such as annex or an appendix can be given a one time appendix can be given a one time classification marking of UNCLASSIFIED if classification marking of UNCLASSIFIED if it holds true for the entire componentit holds true for the entire component

Each portion, such as a paragraph shall be Each portion, such as a paragraph shall be given the highest classification marking given the highest classification marking that exists within the portion with either a that exists within the portion with either a (TS) for Top Secret, (S) for Secret, (C) for (TS) for Top Secret, (S) for Secret, (C) for Confidential and (U) for UnclassifiedConfidential and (U) for Unclassified

Portion Marking (Continued)Portion Marking (Continued) Foreign government information is marked with Foreign government information is marked with

abbreviation for that nation and appropriate abbreviation for that nation and appropriate classification (UK – C)classification (UK – C)

NATO documents receive a mark of “NATO” or NATO documents receive a mark of “NATO” or “COSMIC” with the appropriate classification “COSMIC” with the appropriate classification (NATO – TS), (COSMIC – S)(NATO – TS), (COSMIC – S)

Illustrations get marked with no abbreviations Illustrations get marked with no abbreviations directly next to the illustrationdirectly next to the illustration

Impractical marking and all portions are at same Impractical marking and all portions are at same level, the document can have an overall level, the document can have an overall classification as long as there is a full explanation classification as long as there is a full explanation includedincluded

Marking for Derivatively Classified Marking for Derivatively Classified DocumentsDocuments

Source of classification and Source of classification and declassification instructions need to be declassification instructions need to be markedmarked

The marking of “multiple sources” is The marking of “multiple sources” is acceptableacceptable

““Declassify on” may have the markings of Declassify on” may have the markings of the date to declassify, an X for unknown the date to declassify, an X for unknown declassification date or “Original Agency’s declassification date or “Original Agency’s Determination Required”Determination Required”

““Downgrade To” and “Reason Downgrade To” and “Reason Classified”Classified”

The classification to downgrade to The classification to downgrade to upon a certain date can be given in upon a certain date can be given in advance and is marked downgraded advance and is marked downgraded subsequently on storage containerssubsequently on storage containers

The reason of Classification may The reason of Classification may sometimes be necessary upon sometimes be necessary upon original Classificationoriginal Classification

Marking Special Types of MaterialMarking Special Types of Material

Files, Folders or Groups of Document – Files, Folders or Groups of Document – Marked with highest classification when not Marked with highest classification when not storedstored

Messages – Electronically Transmitted – Need Messages – Electronically Transmitted – Need “Derived From” & some agencies require “Derived From” & some agencies require “Classified By” & “Reason Classified”“Classified By” & “Reason Classified”

Microfilms – Unaided to the eye markings are Microfilms – Unaided to the eye markings are necessary on container, Images shall also necessary on container, Images shall also contain markings of classification so its contain markings of classification so its properly disclosed upon printingproperly disclosed upon printing

Translations – Only difference, U.S. must be Translations – Only difference, U.S. must be indicated as country of originindicated as country of origin

Marking Transmittal DocumentsMarking Transmittal Documents

Classified documents are noted with Classified documents are noted with highest classification informationhighest classification information

Unclassified documents that transmit Unclassified documents that transmit classified data as an attachment get classified data as an attachment get marked as “Unclassified when Separated marked as “Unclassified when Separated from Classified Enclosures”from Classified Enclosures”

Classified Documents get marked similarly Classified Documents get marked similarly as follows “Secret when Separated from as follows “Secret when Separated from Enclosures”Enclosures”

Upgrading and Automatic Upgrading and Automatic DowngradingDowngrading

Appropriately upgraded material removes Appropriately upgraded material removes all indication of previous classificationall indication of previous classification

Authority & date of upgrade is markedAuthority & date of upgrade is marked Notification to all who obtained Notification to all who obtained

information is required for further correct information is required for further correct disseminationdissemination

Automatic downgrading (such as based on Automatic downgrading (such as based on date) remove all indication of previous date) remove all indication of previous classification with new classificationclassification with new classification

No further dissemination is necessary No further dissemination is necessary when it is automaticwhen it is automatic

Miscellaneous ActionsMiscellaneous Actions(Improperly handled Information)(Improperly handled Information)

Determine who has it (their clearance) and Determine who has it (their clearance) and should they have it (the information’s should they have it (the information’s discovered classification)discovered classification)

Determine who has control of informationDetermine who has control of information Determine whether control has been lostDetermine whether control has been lost If recipients have the correct clearance – If recipients have the correct clearance –

issue notices promptly of classified issue notices promptly of classified informationinformation

If not, report incident to Cognizant If not, report incident to Cognizant Security Agency (CSA) DoD – Incident Security Agency (CSA) DoD – Incident Response for National Security MattersResponse for National Security Matters

Safeguarding Classified InformationSafeguarding Classified Information

Safeguarding Oral Communication – Safeguarding Oral Communication – prohibited: unsecured phone lines, public prohibited: unsecured phone lines, public conversations, any other interception by conversations, any other interception by unauthorized personnelunauthorized personnel

End of Day Security Checks – End of Day Security Checks – • At the close of each day – ensure all classified At the close of each day – ensure all classified

data is securely storeddata is securely stored• At the end of each shift – ensure all classified At the end of each shift – ensure all classified

data is securely stored except when facility is data is securely stored except when facility is in 24 hour contiguous operationin 24 hour contiguous operation

Perimeter ControlPerimeter Control(Physical Security)(Physical Security)

Inspections must be done in random Inspections must be done in random nature guided by legal advicenature guided by legal advice

All individuals are subject to All individuals are subject to inspectioninspection• Must be done within facility groundsMust be done within facility grounds• Inspections are not necessary for highly Inspections are not necessary for highly

personal – purse, wallet, clothing etc.personal – purse, wallet, clothing etc.

External Receipt and Dispatch External Receipt and Dispatch RecordsRecords

The date of the materialThe date of the material The date of receipt or dispatchThe date of receipt or dispatch The classificationThe classification An Unclassified descriptionAn Unclassified description Identify the activity that resulted in Identify the activity that resulted in

the retrieval of the material or to the retrieval of the material or to which the material was dispatchedwhich the material was dispatched

Receipt and dispatch records are Receipt and dispatch records are kept for 2 yearskept for 2 years

Receiving Classified MaterialReceiving Classified Material

Top Secret & Secret Classified data Top Secret & Secret Classified data needs signature receiptneeds signature receipt

Confidential doesn’t, but if signature Confidential doesn’t, but if signature is required, it must be givenis required, it must be given

If tampering is detected (TS, S) – If tampering is detected (TS, S) – should be reported promptly to should be reported promptly to sendersender

Generation of Classified MaterialGeneration of Classified Material

Classified working papersClassified working papers• Dated when createdDated when created• Marked with classificationMarked with classification• Marked with “working papers”Marked with “working papers”• Destroyed when no longer neededDestroyed when no longer needed• Classified as finished documents whenClassified as finished documents when

Transmitted out of facilityTransmitted out of facility Retained for more than 180 daysRetained for more than 180 days

Contractor produced Top Secret material – Record Contractor produced Top Secret material – Record must be producedmust be produced• Completed DocumentCompleted Document• Retained for 30 daysRetained for 30 days• Transmitted Outside facilityTransmitted Outside facility

General Services Administration General Services Administration (GSA)(GSA)

Top Secret material – Stored in GSA Top Secret material – Stored in GSA approved security container, approved security container, approved vault or approved closed approved vault or approved closed areaarea

Secret Material – Stored similar to Secret Material – Stored similar to Top Secret without the GSA approvalTop Secret without the GSA approval• In a safe, steel file cabinet, automatic In a safe, steel file cabinet, automatic

locking, 4 sides welded, riveted, or locking, 4 sides welded, riveted, or bolted to indicate visible evidence of bolted to indicate visible evidence of tampering (Until October 1, 2012)tampering (Until October 1, 2012)

Restricted AreasRestricted Areas

Necessary impractical or impossible Necessary impractical or impossible to store otherwise due to unusual to store otherwise due to unusual characteristiccharacteristic

Clearly defined perimeter – No Clearly defined perimeter – No barriers necessarybarriers necessary

Personnel within the area are Personnel within the area are responsible for challenging all responsible for challenging all individuals who may lack proper individuals who may lack proper authorityauthority

Intrusion Detection SystemsIntrusion Detection Systems

Guard Patrol – 2 hours for Top Secret Guard Patrol – 2 hours for Top Secret Material, 4 hours for SecretMaterial, 4 hours for Secret

GSA approved containers need no GSA approved containers need no supplemental security if in an area supplemental security if in an area deemed “with security-in-depth”deemed “with security-in-depth”

Protection of CombinationsProtection of Combinations

Record of Names with combinations Record of Names with combinations maintainedmaintained

All containers are locked if not under All containers are locked if not under the direct supervision of an the direct supervision of an authorized personauthorized person

Combination is dependent upon Combination is dependent upon classification of contents, upgrade in classification of contents, upgrade in classification destroys previous classification destroys previous combinationscombinations

Changing CombinationsChanging Combinations

Initial use of containerInitial use of container Termination of employee or Termination of employee or

clearance is withdrawn, suspended clearance is withdrawn, suspended or revokedor revoked

Compromise of security containerCompromise of security container• Unlocked, Unattended Unlocked, Unattended

Supervision of KeysSupervision of Keys

Key and lock custodian is appointedKey and lock custodian is appointed Key and lock control register centerKey and lock control register center Key and lock audit every monthKey and lock audit every month Keys inventoried with every change of Keys inventoried with every change of

custodycustody Keys and spare locks protected as Keys and spare locks protected as

classifiedclassified Locks and keys rotated at least once a Locks and keys rotated at least once a

yearyear Master Keys prohibitedMaster Keys prohibited

Automated Access Control SystemAutomated Access Control System

Manufactures must meet these Manufactures must meet these requirementsrequirements• Chances of unauthorized access are no Chances of unauthorized access are no

more than one in 10,000more than one in 10,000• Chances of authorized access being Chances of authorized access being

rejected in no more than 1 in 1,000rejected in no more than 1 in 1,000• Locations of access and there storage Locations of access and there storage

must be protectedmust be protected• Tamper alarm protection is mandatory Tamper alarm protection is mandatory

for Top Secret Closed Areafor Top Secret Closed Area

Automated Access Control SystemAutomated Access Control SystemContinuedContinued

Personal IdentificationPersonal Identification• Identification can be obtained by ID with Identification can be obtained by ID with

PIN badge or personal identityPIN badge or personal identity ID Badge – must use embedded sensors, ID Badge – must use embedded sensors,

integrated circuits magnetic stripes etcintegrated circuits magnetic stripes etc FingerprintFingerprint Hand geometryHand geometry HandwritingHandwriting RetinaRetina Voice RecognitionVoice Recognition

SummarySummary

Purpose & Overall AuthorityPurpose & Overall Authority Security Clearances - AuthorizationSecurity Clearances - Authorization Security Training & BriefingsSecurity Training & Briefings Classification & MarkingClassification & Marking Safeguarding Classified InformationSafeguarding Classified Information Automated Access Control SystemAutomated Access Control System