Proper Handling of Classified Information

Wikdapedia has an excellent article about the proper handling of Classified information.

https://en.wikipedia.org/wiki/Classified_information_in_the_United_States


This is a deadly serious business. 

Top Secret
    Information is classified as Top Secret if it "reasonably could be expected to cause exceptionally grave damage to the national security," 


    Protecting classified information

    A GSA-approved security container

    Facilities and handling

    One of the reasons for classifying state secrets into sensitivity levels is to tailor the risk to the level of protection. The U.S. government specifies in some detail the procedures for protecting classified information. The rooms or buildings for holding and handling classified material must have a facility clearance at the same level as the most sensitive material to be handled.


    Good quality commercial physical security standards generally suffice for lower levels of classification. At the highest levels, people sometimes must work in rooms designed like bank vaults (see Sensitive Compartmented Information Facility – SCIF). The U.S. Congress has such facilities inside the Capitol Building, among other Congressional handling procedures for protecting confidentiality.[58]


    The U.S. General Services Administration sets standards for locks and containers used to store classified material. The most commonly-approved security containers resemble heavy-duty file cabinets with a combination lock in the middle of one drawer. In response to advances in methods to defeat mechanical combination locks, the U.S. government switched to electromechanical locks that limit the rate of attempts to unlock them. After a specific number of failed attempts, they will permanently lock, requiring a locksmith to reset them.


    The most sensitive material requires two-person integrity, where two cleared individuals are responsible for the material at all times. Approved containers for such material have two separate combination locks, both of which must be opened to access the contents.[citation needed]

    Marking

    Classified U.S. government documents typically must be stamped with their classification on the cover and at the top and bottom of each page. Authors must mark each paragraph, title and caption in a document with the highest level of information it contains, usually by placing appropriate initials in parentheses at the beginning of the paragraph, title, or caption, for example (C), (S), (TS), (TS-SCI), etc., or (U) for unclassified.


    Cover sheets

    Classified documents with and without cover sheets

    Commonly, one must affix a brightly colored cover sheet to the cover of each classified document to prevent unauthorized observation of classified material (shoulder surfing) and to remind users to lock up unattended documents. The cover sheets warn viewers of the sensitive nature of the enclosed material, but are themselves are unclassified. Typical colors are blue for confidential, red for secret and orange for top secret. [59]


    Transmission

    Restrictions dictate shipment methods for classified documents. Top Secret material must go by special courier, Secret material within the U.S. via registered mail, and Confidential material by certified mail. Electronic transmission of classified information largely requires the use of National Security Agency approved/certified "Type 1" cryptosystems using NSA's unpublished and classified Suite A algorithms. The classification of the Suite A algorithms categorizes the hardware that store them as a Controlled Cryptographic Item (CCI) under the International Traffic in Arms Regulations, or ITAR.[60]


    CCI equipment and keying material must be controlled and stored with heightened physical security, even when the device is not processing classified information or contains no cryptographic key. NSA is currently implementing what it calls Suite B, a group of commercial algorithms such as Advanced Encryption Standard (AES), Secure Hash Algorithm (SHA)Elliptic Curve Digital Signature Algorithm (ECDSA) and Elliptic curve Diffie–Hellman (ECDH). Suite B provides protection for data up to Top Secret on non-CCI devices, which is especially useful in high-risk environments or operations needed to prevent Suite A compromise. These less stringent hardware requirements stem from the device not having to "protect" classified Suite A algorithms.[61]


    Specialized computer operating systems known as trusted operating systems are available for processing classified information. These systems enforce the classification and labeling rules described above in software. Since 2005 they are not considered secure enough to allow uncleared users to share computers with classified activities. Thus, if one creates an unclassified document on a secret device, the resultant data is classified secret until it can be manually reviewed. Computer networks for sharing classified information are segregated by the highest sensitivity level they are allowed to transmit, for example, SIPRNet (Secret) and JWICS (Top Secret-SCI).