Security requirements for Blackberry PIN-to-PIN messaging are followed. IT Policy rule “Disable Peer-to-Peer Normal Send” (Security policy group) is set as required.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-19299 | WIR1425-02 | SV-21215r3_rule | ECSC-1 | Low |
| Description |
|---|
| DoD requires PIN-to-PIN messaging use S/MIME support to provide end-to-end encryption of the PIN-to-PIM message and ensure the message contents are not compromised. Also, effective 31 December 2010, the list of allowed encryption algorithms for FIPS 140-2 validation will change. The native encryption algorithm used in PIN-to-PIN messaging on the BlackBerry (Two-Key Triple DES) will be no longer allowed. |
| STIG | Date |
|---|---|
| BlackBerry Enterprise Server, Part 3 Security Technical Implementation Guide | 2011-04-11 |
Details
| Check Text ( C-23343r3_chk ) |
|---|
| Detailed Policy Requirements: *****For this check, Set IT Policy rule “Disable Peer-to-Peer Normal Send” (Security policy group) to “Yes" or "TRUE.” Check Procedures: This is a BES IT Policy check. Recommend that all checks related to BES IT policies be reviewed using the procedure in Check WIR1400-01 (V0003545). *****Verify IT Policy rule “Disable Peer-to-Peer Normal Send” (Security policy group) is set as required. |
| Fix Text (F-23386r1_fix) |
|---|
| Configure the IT Policy rule as specified in the "Checks" block. |