UCF STIG Viewer Logo

Non-core applications used on the BlackBerry must be approved.


Overview

Finding ID Version Rule ID IA Controls Severity
V-19202 WIR1310-04 SV-21091r2_rule ECSC-1 Low
Description
Unapproved applications could include malware or introduce other vulnerabilities to the BlackBerry system and enclave.
STIG Date
BlackBerry Enterprise Server, Part 2 Security Technical Implementation Guide 2012-10-01

Details

Check Text ( C-23139r2_chk )
Detailed Policy Requirements:

All applications listed in each Application White list must be approved by either the DAA or by the IT configuration control board that reviews and approves workstation applications. Recommend sites use the same or similar process used to approve desktop applications to select, review, test, and approve BlackBerry applications.

Check Procedures:

For each Application White list assigned to BES user accounts, verify the site has documentation showing the applications are approved by the DAA (or who the DAA has designated as the approval authority for the site).

Fix Text (F-11479r1_fix)
Comply with DoD policy.