Open main menu

Securing Personal E-mail Accounts


United States Department of State

United States Secretary of State Hillary Rodham Clinton

June 28, 2011

Securing Personal E-mail Accounts

Department of State
United States of America

MRN: 11 STATE 65111
Date/DTG: Jun 28, 2011 / 282223Z JUN 11
From: SECSTATE WASHDC
Action: ALL DIPLOMATIC AND CONSULAR POSTS COLLECTIVE ROUTINE
E.O.: 13526
TAGS: APCS, ASEC, AADP, AMGT
Subject: Securing Personal E-mail Accounts

UNCLAS STATE 065111
E.O. 13526: N/A
TAGS: APCS, ASEC, AADP, AMGT
SUBJECT: Securing Personal E-mail Accounts

Reference:

A) 12 FAM 544.3

  1. Department of State users are encouraged to check the security settings and change passwords of their home e-mail accounts because of recent targeting of personal e-mail accounts by online adversaries. Security guidelines have been posted on the DS/SI/CS Cyber Security Awareness web page:
    http://intranet.ds.state.sbu/DS/SI/CS/Awareness1/Content/Personal%20Email.aspx.
  2. Recently, Google asserted that online adversaries are targeting the personal Gmail accounts of U.S. government employees. Although the company believes it has taken appropriate steps to remediate identified activity, users should exercise caution and follow best practices in order to protect personal e-mail and prevent the compromise of government and personal information. The DS/SI/CS Cyber Security Awareness web site contains guides to help secure the web-based e-mail accounts of users and their families.
    This information can be accessed at:
    http://intranet.ds.state.sbu/DS/SI/CS/Awareness1/Content/Personal%20Email.aspx.
  3. What can you and your family members do?
    1. Follow the personal e-mail guides posted on the Awareness site to change your password, to ensure that messages are not auto-forwarding to an unintended address, and to verify that other security settings are properly configured.
    2. Beware of e-mail messages that include links to password reset web pages. These can be easily faked.
    3. Create strong passwords for all of your online accounts, change them often, and never use the same password for more than one account.
    4. Avoid conducting official Department business from your personal e-mail accounts.
    5. Do not reveal your personal e-mail address in your work "Out of Office" message.
    6. Do not auto-forward Department e-mail to personal e-mail accounts, which is prohibited by Department policy (12 FAM 544.3).
  4. Questions regarding cyber security awareness should be addressed to awareness@state.gov
  5. CLINTON

    This work is in the public domain in the United States because it is a work of the United States federal government (see 17 U.S.C. 105).