Military Connection: How the VA Safeguards Veteran Data

VA cyber securityBy Debbie Gregory.

As it becomes easier and easier to access and utilize sensitive information online, it is critical that individuals protect their identity and sensitive information from cyber threats. The U.S. Department of Veterans Affairs is doing its part to protect the Veterans it serves.

The VA has made a commitment to safeguard the data of Veterans, and is making information security a top priority. The VA has implemented progressive security measures to protect data and secure its network and information technology (IT) systems through a “defense in depth” approach. The VA’s strategy provides layers of technical, physical, and administrative security controls that make sure that even if one layer of security fails, or becomes otherwise vulnerable, there are additional measures in place to keep the data secure for our nation’s Veterans and their families.

With over 750,000 devices connected to the VA’s network, which runs 45,000 different applications, it is vital that the VA maintains the ability to manage and secure all of its IT assets. The VA’s Enterprise Visibility initiative, implemented in 2012, provides real-time visibility to ensure that all of the devices connected to the department’s network meet the VA’s high security standards. Every application is tested for vulnerabilities before they are cleared for operation on the VA’s network. If vulnerabilities are found, the VA and the application developers work together to resolve any the issues before the application is cleared to operate on the VA’s network.

Veterans should feel secure in knowing that the VA was one of the first federal agencies to employ continuous automated monitoring capability across its network of systems. With this measure in place, the VA is able detect any weakness early, and respond to threats immediately. The VA utilizes Einstein 3, an automated intrusion detection system that is operated by the Department of Homeland Security. Since its implementation, Einstein 3 has blocked hundreds of intrusion attempts. The VA was also one of the first federal agencies to implement Trusted Internal Connections, a program that improves the VA’s ability to monitor external connections, and identify potentially malicious traffic by reducing and consolidating external connections.

Furthermore, the VA has established a permanent team devoted to the department’s Continuous Readiness in Information Security Program (CRISP). The CRISP team is working to create a culture of security that extends to every VA employee. Through training and awareness campaigns, VA employees learn about the latest in cybersecurity and are trained to follow the department’s thorough incident response plan, ensuring that risks are always minimized.

Military Connection proudly serves those who serve in the ArmyNavyAir ForceMarinesCoast Guard,Guard and ReserveVeterans and their Families. We are the go to site for Veteran Employment and information on Veteran education. Militaryconnection.com provides Veterans with and Directory of Employers, a Job Boardinformation on the Post-9/11 GI Bill, and a blog that offers Veterans boundless information. Be sure to visit Militaryconnection.com, the go to site.

Military Connection: How the VA Safeguards Veteran Data: By Debbie Gregory