Communications Security (COMSEC) is used to prevent unauthorized access to telecommunications while still allowing its users access and falls under Information Security (INFOSEC). Its goal is to maintain the confidentiality, integrity, and availability of DoD classified and unclassified information that has not been approved for public release during transmission. It protects traffic on military communications networks, including voice, video, and data and is used for both analog and digital applications, and both wired and wireless links. COMSEC includes:

• Cryptosecurity
• Transmission Security (TRANSEC)
• Emission security
• Physical security of COMSEC material

Communications Security (COMSEC) Policy Objectives [1]

1. Transmission of DoD information shall be protected through the COMSEC measures
2. COMSEC materials shall be developed, acquired, operated, maintained, and disposed of through the approved methods
3. A program to ensure operational availability of commonly used COMSEC equipment during crisis or contingencies shall be established and maintained.
4. COMSEC equipment shall be compatible with DoD-approved key management systems. Controlled Cryptographic Items (CCI) shall be accounted for in the COMSEC Material Control System (CMCS), an equivalent material control system, or a combination of the two that provides accountability and visibility of the CCI. Any system chosen must meet the provisions of Annex C of National Security Telecommunications and Information Systems Security Instruction No. 4001
5. Classified cryptographic devices and unencrypted keying material shall be accounted for in the CMCS. Encrypted keying material may be handled and tracked similarly if desired.
6. COMSEC equipment users and maintenance technicians shall be appropriately trained, including certification if required.
7. The DoD shall follow Committee on National Security Systems (CNSS) COMSEC policy documents as issued.

Secure voice over internet protocol (SVOIP) has become the defacto standard for securing voice communication, replacing the need for STU-X and STE equipment in much of the DoD.

AcqLinks and References:

• Acquisition Security Related Policies and Issuances
• [1] DoD Instruction 8523.01 “Communications Security (COMSEC)” 22 April 2008
• DoD Directive C-5100.19 “Critical Information Communications (CRITICOMM) System” 10 Jun 2000 (controlled)
• DoD Directive O-3600.3 “Technical Assurance Std. for Computer Network Attack (CNA) Capabilities” (controlled)
• DoD Instruction S-5200.16 “Objectives and Minimum Standards for COMSEC Measures Used in NC2 Communications”  (controlled)

Updated: 7/22/2021

Rank: 10.1