Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
IT Policy rule “FIPS Level” (Security policy group) must be set as required.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-19725 | WIR1450-10 | SV-21866r1_rule | ECSC-1 | Medium |
| Description |
|---|
| Data stored on the Blackberry or transmitted by the Blackberry could be compromised if not encrypted according to DoD/NIST standards. |
| STIG | Date |
|---|---|
| BlackBerry Enterprise Server (version 5.x), Part 3 Security Technical Implementation Guide | 2013-06-21 |
Details
| Check Text ( C-24162r1_chk ) |
|---|
| Detailed Policy Requirements: BlackBerry FIPS level must be set to Level 1. *****For this check, set IT Policy rule “FIPS Level” (Security policy group) to “1 (FIPS 140-2 Level 1).” Check Procedures: This is a BES IT Policy check. Recommend that all checks related to BES IT policies be reviewed using the procedure in Check WIR1400-01 (V0003545). *****Verify IT Policy rule “FIPS Level” (Security policy group) is set as required. Note: This rule is obsolete in BlackBerry® Enterprise Server versions 4.1 SP3 and later and BlackBerry® Device Software versions 4.2.1and later. |
| Fix Text (F-23386r2_fix) |
|---|
| Configure the IT Policy rule Require FIPS Ciphers as specified in the "Checks" block. |