Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-19752 | WIR1450-33 | SV-21898r3_rule | ECSC-1 | Low |
Description |
---|
Blackberry can automatically download software patches over a Wi-Fi network, which may cause a non-DoD approved software upgrade to be loaded on the Blackberry and expose the BlackBerry and DoD enclave to malware. Patches should be pushed to BlackBerrys by the system administrator via the BES connection. |
STIG | Date |
---|---|
BlackBerry Enterprise Server, Part 3 Security Technical Implementation Guide | 2011-07-14 |
Check Text ( C-24198r2_chk ) |
---|
Detailed Policy Requirements: Configuration management of the Blackberry device software will be maintained. Only authorized software will be installed from a trusted source. *****For this check, set IT Policy rule “Disallow Patch Download Over Wi-Fi” (Wireless Software Upgrades policy group) to “Yes" or "TRUE.” Check Procedures: This is a BES IT Policy check. Recommend that all checks related to BES IT policies be reviewed using the procedure in Check WIR1400-01 (V0003545). *****Verify IT Policy rule “Disallow Patch Download Over Wi-Fi” (Wireless Software Upgrades policy group) is set as required. |
Fix Text (F-23386r1_fix) |
---|
Configure the IT Policy rule as specified in the "Checks" block. |