Lesson Learned Briefing


No.LL19-0009

TitleOE-3: Electronic Devices Pose Security Risks

EventOther Facility Event

Event Date04/03/2019

CategoryOCA - Operating Experience Level 3

Summary
The attached Operating Experience Level 3 (OE-3) document provides information about some security risks posed by electronic devices that enter Department of Energy (DOE) facilities. These items have the potential to be used to record or transmit information without authorization. Some electronic devices have features that may be used to extract information with or without the user's knowledge. Examples include recording equipment (audio, video, optical, or data), electronic equipment with a data exchange port capable of being connected to automated information system equipment, cell phones, radio frequency transmitting equipment, and computers and associated media. This OE-3 focuses on the importance of understanding the capabilities of all items that are brought onto DOE property, the security risks posed by these devices, and the need to understand and adhere to applicable security plan requirements to mitigate those risks.




Lessons Learned are part of the ISM Core Function 5, Feedback and Improvement. Applicable Lessons Learned are to be considered during working planning activities and incorporated in work processes, prior to performing work.
 
Please contact the following subject matter experts if you have any questions regarding this briefing.

Uploaded documents/attachments:
OE-3 2019-01.pdf

Give feedback for this briefing


For other lessons learned and best practices, go to Lessons Learned and Best Practices Library