The U.S. Coast Guard will soon allow access to YouTube, commercial email, Facebook, Twitter, Instagram and LinkedIn on computers connected to the Coast Guard unclassified network.
By September 30, the first 24,000 users will be migrated to the Department of Defense (DoD) web-browsing platform called Cloud-Based Internet Isolation (CBII), which will provide safe access to these previously restricted websites. CBII allows for safer internet browsing on websites other than .mil and .gov by redirecting the user’s web browsing activities to a secure cloud environment.
“The beautiful part about it,” said Lt. Rudy Mendoza, CG-68 program office, “is that if you’re surfing the internet and fall prey to malicious activity , your workstation would not be affected because the activity is isolated in this cloud environment.”
The move is part of a U.S. Defense Department campaign to improve cybersecurity for all the armed services, but it also marks another step towards the Coast Guard’s long-term vision of improving work-life balance and family communication for those who serve underway.
“This positively impacts morale, too,” Mendoza said. “We’re more or less hitting two birds with one stone.”
The Coast Guard will start by migrating VPN users, and personnel from the National Command Centers, Recruiting Command, Public Affairs, and Coast Guard Investigative Service (CGIS) to the new platform. Select users will receive an email the week prior to migration. The remainder of the workforce will be migrated in 2022 and no later than September 2024.
Cutters will not be migrated in this first phase, as the Coast Guard doesn’t yet have enough data on how CBII might work at sea. As cutter connectivity remains a priority, the platform is currently being tested on Coast Guard Cutter Legare with the idea that they could get this in the second phase.
Cutter Legare’s commanding officer, Cmdr. Malcolm Belt, said that 15 members of his crew were granted access to CBII on September 1 and will be able to try it out until they return to port in mid-October. The early reports have been mostly positive. Crewmembers have been able to access Facebook, Gmail, and a couple got onto YouTube, he notes.
One service member was able to use the instant chat-feature on Google. “That, right there is the kind of live connectivity feature they’d like,” Belt said. “If they can’t verbally talk with people, at least they can message and the delay is only a minute or two so it’s not that bad.”
On the flip side, at least one user complained that having to use CBII has slowed down the internet and increased the time it took to get on Google to search for parts.
Belt said the benefits will have to be weighed against costs to productivity, but he is hopeful. “I definitely think that even if this is an imperfect solution, the effort to improve sea duty attractiveness by allowing people to have access to these sites is a step in the right direction.”
Even users migrated on land will notice that the first time they access websites outside of .mil and .gov – and every 30 days after that— webpages may take longer to load. Users will also be required to authenticate with their common access card (CAC) card.
While Coast Guard members will be able to access these sites during their personal time, Mendoza notes, the usual rules about sharing information will still apply. Sharing Controlled Unclassified Information (CUI) or For Official Use Only (FOUO) information on commercial sites is strictly prohibited. Users should also consider the impact of anything they post on a site.
“You need to be smart about what you’re doing,” he said. “You’ll be in a platform that’s owned by the government.”
For technical tips and screenshots, visit the Pixel Dashboard > CGFIXIT / Help > Tech Tips > Search User Tech Tips and locate Cloud-Based Internet Isolation (CBII) Tech Tips or type “CBII” in the subject field.
Users experiencing internet browsing related issues during the migration period or who wish to request access to blocked sites, should submit a CGFIXIT request via the CGFIXIT (lighthouse) icon located under CGFIXIT/Help and proceed to: CYBER SECURITY SERVIES > WEBSITE ALLOW LIST REQUEST.