At a time when Navy leaders are trying to reduce sailors’ administrative distractions, they came up with another one.
The following mandate went out this month via Navy Personnel Command’s official Facebook page: Sailors must log in to “most Navy systems” every 30 days or their accounts will be deactivated. A reactivation requires a call to the Navy Marine Corps Intranet help desk — and possibly a long wait.
The Facebook message was the only formal announcement made by the Navy, but it’s been confirmed by officials.
“While we empathize with the potential inconvenience to users, these measures are necessary in our continuing efforts that are required to defend our networks against increasingly sophisticated and determined adversaries,” said Lt. Joe Holstead, spokesman for U.S. Fleet Cyber Command.
“More restrictive login requirements are part of Navy network and cybersecurity upgrades that have been ongoing for several months. These requirements are focused on strengthening network and information security and minimizing exploitable vulnerabilities.”
The post doesn’t list the sites that will require regular logins.
Reservists, officials say, are more apt to be inconvenienced by the policy, as statistics show many of them go six months or more without logging into Navy accounts.
At a minimum, all sailors, Reserve and active, can expect that any Navy or Defense Department database they have login privileges with, either to manage their personal careers or that is used in the conduct of their jobs will be subject to the new rule, officials say.
And the requirement isn’t a Navy one — it’s part of a cybersecurity measure pushed down to individual service cyber officials from U.S. Cyber Command.
The requirements are related to ongoing cyber upgrades. Earlier this month, Navy officials said many of the service’s personnel-related websites would be down periodically over the next few months as security is beefed up.
The need for system upgrades became apparent after hackers reportedly infiltrated the Navy earlier this year. On Sept. 27, The Wall Street Journal reported that Iranian agents or their proxies successfully breached the Navy’s systems. There is no evidence personnel data was hacked.
Most feedback to the new rule has been negative, coming from reservists, submariners and others without easy access to all Navy databases. The policy could change as the fleet learns of burdens the rules may place on sailors or their communities, but officials warned not to expect a reversal, saying security will trump convenience.