FOUO vs Non-FOUO Sites

What happened to the AKO Home page?

What happened to the AKO Home page and the Log in page?

The AKO Homepage has changed to accommodate CAC protection to FOUO (For Official Use Only) restricted content while allowing password access to unrestricted (non-FOUO) content.

When logging in with username/password, your files may appear missing if the files/folders/site was setup with CAC protection

What changes have been made?

There are three main changes being made to the AKO portal:

Logging in:

All users who go to www.us.army.mil will be required to log in with CAC. Users who want to log in with a username/password can click on the “Username/Password login” link: ako.us.army.mil, which will take them to the new, non-FOUO portal log in page.

Accessing content:

Army Knowledge Online users can designate content – -which includes channels, pages, folders, and files – -as FOUO so they are only accessible to users logged in with CAC.

Creating content:

When creating a new folder or uploading a file, users who are logged in with a CAC must acknowledge the FOUO designation and attest that the content falls within those guidelines. Those who are logged in with a username/password will acknowledge that the folder/file does not contain FOUO information.

In order to comply with CTO 07-15, all AKO applications/systems will migrate to PKI/CAC-only authentication for access. This change means that CAC-secured content on AKO will only be visible to those who log in with a CAC.

How can I tell if something is CAC-secured?

A small red asterisk* indicates the access to that content is restricted to those who log into AKO using a CAC. For folders, in addition to the asterisk, FOUO-designated folders are green folders; as such, files contained within them are also FOUO and require a CAC to access. Also, CAC-secured channels and pages are not visible to those logging in with a user name and password.

Note: It is only possible to identify CAC-secured content when logged in using a CAC/PIN.

Is FOUO the same thing as CAC protection?

No. Once content is designated as FOUO, AKO will enforce access controls based on Army requirements. Currently, that translates to restricting access to individuals who log into AKO using a CAC.

I used to provide better security for my folders by adding CAC protection to them. That option no longer exists. What can I do?

Currently, AKO “CAC protects” anything designated by a user as FOUO content. To continue with this type of protection, simply identify content as FOUO.

Where are my missing files?

CAC-secured folders are not visible to those logging in with a user name and password. Neither the folders nor the files they contain have been changed in any way.

Does this mean I have to maintain two pages for everything, one FOUO and one non-FOUO?

Setting the CAC restrictions on individual channels, instead of an entire page, makes it possible for both FOUO and non-FOUO content to reside on the same page. When this approach is taken, users who log in with a CAC will be able to see the entire page; those who access the site with a user name/password will see only the non-CAC-restricted channels.

To see an official definition of security classifications, refer to DoD Information Security Program: Overview, Classification, and Declassification: http://www.dtic.mil/whs/directives/corres/pdf/520001_vol1.pdf

What are the URL’s to the new sites?

FOUO- http://www.us.army.mil/ (signified by green background)

  1. The login box no longer provides space to enter a username/password.
  2. The logo reflects the site’s FOUO designation.
  3. A green banner is now featured at the top of all pages, identifying the information system as approved for Unclassified/FOUO data.
  4. A direct link to the non-FOUO site was added.
  5. Clarification of the site’s security level is displayed in the footer.

Non-FOUO http://ako.us.army.mil/ (signified by gray background)

  1. The login box provides space to enter a username/password, without a CAC login option.
  2. The logo reflects the site’s non-FOUO designation.
  3. A dark gray banner is now featured at the top of all pages, identifying the information system as approved for
    • Unclassified/non-FOUO data.
  4. A direct link to the FOUO site was added.
  5. Clarification of the site’s security level is displayed in the dark gray footer.

What happens if I don’t have a CAC?

Individuals who are not issued CACs will only be able to access the non-FOUO portal. They will not be able to see any CAC-secured content (files, folders, pages or channels).

What, if anything, do I need to do?

For most users, this change will have minimal impact on how they access information on AKO. Users who manage content on AKO (folders, files, channels, or pages) should verify the permissions on all content to ensure that CAC-protection is set as intended.

Did my AKO email change?

No, these changes have no impact on access to AKO email. Individuals who are not issued CACs can continue to access their AKO email accounts without interruption.

Leave a Reply

Your email address will not be published. Required fields are marked *