UCF STIG Viewer Logo

BlackBerry 10 OS must prevent applications from extending the Work Space password lock time.


Finding ID Version Rule ID IA Controls Severity
V-38294 BB10-00-000140 SV-50094r2_rule Medium
The device lock function prevents further access to the system by initiating a session lock after a period of inactivity or upon receiving a request from a user. The device lock is retained until the user reestablishes access using established identification and authentication procedures. A device lock is a temporary action taken when a user stops work, but does not want to shut down because of the temporary nature of the hiatus. During the device lock, a publicly viewable pattern is visible on the associated display, hiding what was previously visible on the screen. Once invoked, the device lock shall remain in place until the user reauthenticates. No other system activity aside from reauthentication can unlock the system. The operating system must lock the device after the organization defined time period. This prevents others from gaining access to the device when not in the user's possession, and from accessing sensitive DoD information. A device lock mitigates the risk that an adversary can access data on an unattended mobile device, but only after the maximum of a 15-minute period of inactivity.
BlackBerry 10 OS Security Technical Implementation Guide 2014-08-27


Check Text ( C-45841r3_chk )
On BlackBerry Device Service, verify "Application Security Timer Reset" IT Policy rule is set to "Disallow". Otherwise, this is a finding.
Fix Text (F-43232r3_fix)
On BlackBerry Device Service, set "Application Security Timer Reset" IT Policy rule to "Disallow".