BlackBerry 10 OS must prevent DoD applications from accessing non-DoD data when the device supports multiple user environments (e.g., work and personal) if such access has not been approved.


Finding ID: V-39314
Version: BB10-00-003360
Rule ID: SV-51136r1_rule
IA Controls:
Severity: Low
When a device is used for more than one purpose (e.g., work and personal), there is the potential for information from one environment to migrate inappropriately into the other environment. Therefore, it is critical that DoD applications and information be restricted from non-DoD applications and information. In many cases, the presence of non-DoD data on DoD information systems violates either local or department guidelines. In the context of this IA control, a DoD application is an application that processes DoD data. The characteristics of being distributed through a DoD application store, or digitally signed or repacked by a DoD entity, do not by themselves make the application a DoD application. For example, a weather or map application signed and distributed from a DoD application store would not be a DoD application unless the weather, map, or other data was considered DoD data. The mobile operating system must prevent this occurrence using appropriate technical controls to mitigate the risk of data leakage. The objective is to provide appropriate separation between each environment on the device.
BlackBerry 10 OS Security Technical Implementation Guide 2014-08-27


Check Text (C-46571r2_chk)
On BlackBerry Device Service, verify "Work App Access to Shared Files in the Personal Space" IT Policy rule is set to "Disallow". Otherwise, this is a finding.
Fix Text (F-44294r2_fix)
On BlackBerry Device Service, set "Work App Access to Shared Files in the Personal Space" IT Policy rule to "Disallow".