Air Force to institute new method to protect PII
Secretary of the Air Force Public Affairs Office
/ Published February 28, 2018
WASHINGTON (AFNS) -- Air Force officials announced emails containing personally identifiable information, and similar numeric constructs, will be blocked from transmission unless the email is encrypted. For members unable to send or receive encrypted emails, members will be directed to utilize the AMRDEC SAFE application.
This is not a change in policy, but a new method to halt PII breaches via email. PII is information about an individual that identifies, links, relates, or is unique to, or describes a member. For example – social security numbers (full or partial), age, marital status, race, salary, home/personal cell phone numbers, other demographic biometric, personnel, medical and financial information.
"The Air Force depends on reliable, secure communications to operate,” said Under Secretary of the Air Force Matthew Donovan. “Ensuring confidentiality of every Airman's personal information is part and parcel for maintaining operational security, as well as an inherent command responsibility".
Users will be notified via a dialogue pop-up box or email response and provided with the option to either remove PII content, encrypt or send via AMRDEC SAFE. There are no user accounts for AMRDEC SAFE and authentication is handled via email and password. Everyone has access to AMRDEC SAFE. The application is convenient and intuitive to utilize.
If users send an email that contains a series of numbers that resemble PII information, the system will also block the email transmittal. In order for the email to transmit, the user will need to treat the email as if it does contain PII by encrypting the email or using AMRDEC SAFE. Feedback to the Help Desk in these instances will aid in changing the blocking tool “sniffers” to differentiate non-PII data in the future.
“Ideally, email would be the last medium used to transmit PII information,” said Col. Patrick Ryan, reserve advisor to the chief, information dominance and chief information officer. “However, if you have to send PII via email for mission accomplishment, then either encrypt or use AMRDEC SAFE.”
AMRDEC SAFE can be accessed through the following website: https://safe.amrdec.army.mil/safe/Guide.aspx
Additional Air Force CISO PII resources can be found under “Data Privacy Day 2018”
For more information, please contact the PII Program Lead at (571) 256-2515 or DSN: 260-2515.