U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

  1. Home
  2. Osy
  3. Information Security

Was this page helpful?

Operations Security

Operations Security (OPSEC) is an analytic process used to deny an adversary information, generally unclassified or Controlled Unclassified Information, concerning our intentions and capabilities by identifying, controlling, and protecting indicators associated with our planning processes or operations. OPSEC does not replace other security disciplines, it supplements them. Practicing OPSEC is how we keep our employees safe and Department operations going as planned.

The Department’s OPSEC Program is concentrated around training, awareness, and verification of effectiveness through inspections in accordance with National Security Presidential Memorandum-28. Additionally, an OPSEC Program Coordinator is assigned within each Bureau to identify what information is critical to employee safety and mission accomplishment and promote OPSEC awareness. Contact your Field Servicing Security Office (FSSO) to be placed in contact with your OPSEC Program Coordinator.

Employees should be made aware of what the critical information is for their organization to properly protect that which may cause harm to the Department or individuals within the Department. Everyone has information that an adversary may be able to use. Take a moment to ensure those requesting or soliciting information have a need for that information.

OPSEC Six Step Cycle

 

OPSEC Tips

Social Media Deception

  • Be aware of what you post on social media.
  • An adversary can use information on the internet to gain sensitive information from you.
  • Always change your social media settings to private.

Social Engineering

  • This is the manipulation of human tendencies to trust others.
  • Trust is used to gain access to your personal information.
  • Be wary of any unsolicited contact, such as email or phone calls, from unknown or untrusted sources.
  • Never give confidential information over the phone.
  • Trust your instincts.

Travel Awareness

  • Minimize traveling with electronic devices.
    • Bad actors may install malicious software without your knowledge. Prior approval is required for Government Furnished Devices.
  • Do not post your upcoming travel plans or travel in real time because it lets others know when you are away from your home. Post when you have returned.
  • Be aware of people who ask a lot of questions about your work and personal life. This can be a ploy to pry personal information from you.
  • Assume there is no privacy when you are traveling outside of the country.
  • When traveling outside of the country, you may request a Foreign Travel Briefing from your FSSO.

Human Targeting

  • Stay alert of strangers you unexpectedly meet who tend to have a lot in common with you or seek a continuing relationship.
  • These individuals may be posing to gain your trust, which is then used to gain personal and sensitive information from you.

OPSEC Links and Resources

Office of the Director of National Intelligence – National Operations Security Program

National Counterintelligence and Security Center

For further guidance on OPSEC please contact [email protected].   

  1. Archives
  2. Accessibility
  3. Agency Financial Report
  4. Comment policy
  5. Digital strategy
  6. Information quality
  7. No Fear Act
  8. Inspector General
  9. Plain language
  10. Privacy policy
  11. Payment Integrity
  12. USA.gov
  13. Vote.gov
  14. Vulnerability Disclosure Policy
  15. Whistleblower Protection
  16. WhiteHouse.gov