Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-19202 | WIR1310-04 | SV-21091r3_rule | ECSC-1 | Low |
Description |
---|
Unapproved applications could include malware or introduce other vulnerabilities to the Blackberry system and enclave. |
STIG | Date |
---|---|
BlackBerry Enterprise Server, Part 2 Security Technical Implementation Guide | 2011-07-14 |
Check Text ( C-23139r3_chk ) |
---|
Detailed Policy Requirements: All applications listed in each Application White list must be approved by either the DAA or by the IT configuration control board that reviews and approves workstation applications. Recommend sites use the same or similar process used to approve desktop applications to select, review, test, and approve BlackBerry applications. Check Procedures: For each Application White list assigned to BES user accounts, verify the site has documentation showing the applications are approved by the DAA (or who the DAA has designated as the approval authority for the site). |
Fix Text (F-11479r2_fix) |
---|
Comply with DoD policy. |