| D-2019-0034-D000CR-0001-0001.a.1 |
No |
$0 |
$0 |
|
|
(U) Rec. 1.a: The DoD OIG recommended that the [Redacted] develop and implement a plan to correct the systemic weaknesses at the facilities, data centers, and laboratories that manage ballistic missile defense system technical information related to using multifactor authentication.
|
| D-2019-0034-D000CR-0001-0001.a.2 |
No |
$0 |
$0 |
|
|
(U) Rec. 1.a: The DoD OIG recommended that the [Redacted] develop and implement a plan to correct the systemic weaknesses at the facilities, data centers, and laboratories that manage ballistic missile defense system technical information related to using multifactor authentication.
|
| D-2019-0034-D000CR-0001-0001.b.1 |
No |
$0 |
$0 |
|
|
Rec. 1.b: The DoD OIG recommended that the [Redacted] develop and implement a plan to correct the systemic weaknesses at the facilities, data centers, and laboratories that manage ballistic missile defense system technical information related to mitigating vulnerabilities in a timely manner.
|
| D-2019-0034-D000CR-0001-0001.b.2 |
No |
$0 |
$0 |
|
|
Rec. 1.b: The DoD OIG recommended that the [Redacted] develop and implement a plan to correct the systemic weaknesses at the facilities, data centers, and laboratories that manage ballistic missile defense system technical information related to mitigating vulnerabilities in a timely manner.
|
| D-2019-0034-D000CR-0001-0001.c.1 |
No |
$0 |
$0 |
|
|
(U) Rec. 1.c: The DoD OIG recommended that the [Redacted] develop and implement a plan to correct the systemic weaknesses at the facilities, data centers, and laboratories that manage ballistic missile defense system technical information related to securing server racks.
|
| D-2019-0034-D000CR-0001-0001.c.2 |
No |
$0 |
$0 |
|
|
(U) Rec. 1.c: The DoD OIG recommended that the [Redacted] develop and implement a plan to correct the systemic weaknesses at the facilities, data centers, and laboratories that manage ballistic missile defense system technical information related to securing server racks.
|
| D-2019-0034-D000CR-0001-0001.d.1 |
No |
$0 |
$0 |
|
|
Rec. 1.d: The DoD OIG recommended that the [Redacted] develop and implement a plan to correct the systemic weaknesses at the facilities, data centers, and laboratories that manage ballistic missile defense system technical information related to protecting and monitoring data on removable media.
|
| D-2019-0034-D000CR-0001-0001.e.1 |
No |
$0 |
$0 |
|
|
(U) Rec. 1.e: The DoD OIG recommended that the [Redacted] develop and implement a plan to correct the systemic weaknesses at the facilities, data centers, and laboratories that manage ballistic missile defense system technical information related to implementing intrusion detection controls.
|
| D-2019-0034-D000CR-0001-0001.e.2 |
No |
$0 |
$0 |
|
|
(U) Rec. 1.e: The DoD OIG recommended that the [Redacted] develop and implement a plan to correct the systemic weaknesses at the facilities, data centers, and laboratories that manage ballistic missile defense system technical information related to implementing intrusion detection controls.
|
| D-2019-0034-D000CR-0001-0001.f.1 |
No |
$0 |
$0 |
|
|
(U) Rec. 1.f: The DoD OIG recommended that the [Redacted] develop and implement a plan to correct the systemic weaknesses at the facilities, data centers, and laboratories that manage ballistic missile defense system technical information related to requiring and maintaining justifications for accessing networks.
|
| D-2019-0034-D000CR-0001-0001.g.1 |
No |
$0 |
$0 |
|
|
(U) Rec. 1.g: The DoD OIG recommended that the [Redacted] develop and implement a plan to correct the systemic weaknesses at the facilities, data centers, and laboratories that manage ballistic missile defense system technical information related to implementing physical security controls.
|
| D-2019-0034-D000CR-0001-0002.a |
No |
$0 |
$0 |
|
|
(U) Rec. 2.a: The DoD OIG recommended that the [Redacted] enforce the use of multifactor authentication to access systems that process, store, and transmit ballistic missile defense system technical information, or obtain a waiver that exempts the networks from using multifactor authentication.
|
| D-2019-0034-D000CR-0001-0002.i |
No |
$0 |
$0 |
|
|
(U) Rec. 2.i: The DoD OIG recommended that the [Redacted] require written justification as a condition for obtaining access to all networks and systems that process, store, and transmit ballistic missile defense system technical information.
|
| D-2019-0034-D000CR-0001-0002.j |
No |
$0 |
$0 |
|
|
(U) Rec. 2.j: The DoD OIG recommended that the [Redacted] maintain access request forms for all users with access to networks and systems that contain ballistic missile defense system technical information and verify, at least annually, the continued need for access.
|
| D-2019-0034-D000CR-0001-0003.b |
No |
$0 |
$0 |
|
|
(U) Rec. 3.b: The DoD OIG recommended that the Chief Information Officer for the [Redacted] implement intrusion detection capabilities on networks that maintain ballistic missile defense system technical information.
|
| D-2019-0034-D000CR-0001-0004.a.1 |
No |
$0 |
$0 |
|
|
(U) Rec. 4.a: The DoD OIG recommended that the Chief Information Officers for the [Redacted] encrypt ballistic missile defense system technical information stored on removable media.
|
| D-2019-0034-D000CR-0001-0004.b.1 |
No |
$0 |
$0 |
|
|
(U) Rec. 4.b: The DoD OIG recommended that the Chief Information Officers for the [Redacted] develop and implement a process for identifying individuals who are authorized to use removable media on their networks and systems as well as procedures for monitoring the type and volume of data transferred to and from removable media.
|
| D-2019-0034-D000CR-0001-0004.c.1 |
No |
$0 |
$0 |
|
|
(U) Rec. 4.c: The DoD OIG recommended that the Chief Information Officers for the [Redacted] assess existing security camera placements to identify gaps in security coverage and install security cameras with [Redacted] to monitor personnel movements throughout their facilities.
|
