BlackBerrys that are connected to DoD Windows computers via a USB connection must be compliant with requirements. The IT Policy rule "Disable USB Mass Storage Mode" (Security policy group) has been set to Yes or TRUE on the BlackBerry Enterprise Server (BES).

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-19766	WIR1460-01	SV-21913r2_rule	ECSC-1	Medium

Description
Malware could be downloaded on network PC if required procedures are not followed.

STIG	Date
BlackBerry Enterprise Server, Part 3 Security Technical Implementation Guide	2011-07-14

Details

Check Text ( C-24281r2_chk )
Detailed Policy Requirements: ***For this check, set the IT Policy rule "Disable USB Mass Storage Mode" (Security policy group) must be set to "Yes" or "TRUE" on the BlackBerry Enterprise Server (BES). Check Procedures: This is an IT Policy check. Recommend that all checks related to BES IT Policies be reviewed using the procedure in Check WIR1400-01 (V0003545). ***Verify IT Policy rule "Disable USB Mass Storage Mode" (Security policy group) is set as required.

Check Text ( C-24281r2_chk )

Detailed Policy Requirements:

*****For this check, set the IT Policy rule "Disable USB Mass Storage Mode" (Security policy group) must be set to "Yes" or "TRUE" on the BlackBerry Enterprise Server (BES).

Check Procedures:

This is an IT Policy check. Recommend that all checks related to BES IT Policies be reviewed using the procedure in Check WIR1400-01 (V0003545).

*****Verify IT Policy rule "Disable USB Mass Storage Mode" (Security policy group) is set as required.

Fix Text (F-23386r1_fix)
Configure the IT Policy rule as specified in the "Checks" block.