See JSP 440 "The Defence Manual of Security" for further information and advice on maintaining security.
Below are the main categories of information that could be at risk, the hostile groups that might seek this information and the potential consequences if this information is compromised.
Personal Information is always at a premium in the criminal and espionage world. Items of information which can be used to take advantage of you and your family can include:
Information such as this may also enable hostile intelligence agencies or terrorists to target you or your family. You should protect this information from open publication.
It is possible to give away information about yourself unintentionally through the linkages you make with other people. For example, by looking at your friends on a social networking site it would be fairly easy for a stranger to work out roughly where you live and your approximate age - even if you have not volunteered any of this information yourself. This makes it even more important to safeguard the exact details of your personal information described above.
Criminal groups may also try to gain access to online, telephone or other accounts using your account details. This includes information such as:
Information such as this could be used for criminal activity or blackmail. Do not give out this information to third parties.
Hostile intelligence services or terrorist organisations may seek details about your work or your unit/establishment. This may include:
Information such as this could enable your Establishment/Unit to be targeted. Protect this information and specifically, do not disclose:
Images can give away important information unintentionally. Check to make sure Forces ID cards, Official passes, keys, computer screens, paper documents or other potentially sensitive materials or equipment are not visible.
If you are involved in operations directly or supporting them, information protection becomes even more important and attempts to gather information by hostile agencies or groups may become more determined. Information that will be of interest to these groups includes:
Information such as this can be used by an enemy in countering our operations, putting lives and assets at greater risk. It may also damage our credibility with our allies and possibility lead to a withdrawal of their support. Do not release it online.
As well as withholding the types of information described above, there are a number of simple steps you can take to protect yourself online:
To maintain security on the web the following is general good practice:
Some social networking sites enable you, indirectly, to publish information about other people, for example by identifying them in photographs. Be careful about disclosing information about friends and colleagues. Respect their privacy and maintain their security.
Security is everybody's responsibility. Our own personnel are our eyes and ears on the Internet. If you see information on the Internet that falls into one the categories above, that you suspect may have been released without proper authorisation, contact your Commander or Line Manager immediately so that mitigating action can be taken.
If information of a sensitive, personal and operational nature is exposed into the public domain, Commanders and line managers should report the incident up their chain of command, to their Branch Security Officer, and (via the BSO if available) to the Joint Security Co-ordination Centre (JSyCC). Neither Commanders nor staff should attempt to remove third party material from the Internet without authorisation and advice from the relevant security authorities.