Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
IT Policy rule “Force Content Protection of Master Keys” (Security policy group) must be set as required.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-19728 | WIR1450-13 | SV-21869r3_rule | ECSC-1 | Medium |
| Description |
|---|
| Master keys (used for data encryption) will be stored on the BlackBerry in un-encrypted form and could be compromised. |
| STIG | Date |
|---|---|
| BlackBerry Enterprise Server (version 5.x), Part 3 Security Technical Implementation Guide | 2014-06-11 |
Details
| Check Text ( C-24165r3_chk ) |
|---|
| Detailed Policy Requirements: BlackBerry Master keys must be stored on the BlackBerry in encrypted form. *****For this check, set IT Policy rule “Force Content Protection of Master Keys” (Security policy group) to “Yes". Check Procedures: This is a BES IT Policy check. Recommend all checks related to BES IT policies be reviewed using the procedure in Check WIR1400-01 (V0003545). *****Verify IT Policy rule “Force Content Protection of Master Keys” (Security policy group) is set as required. Mark as a finding if not set as required. |
| Fix Text (F-23386r4_fix) |
|---|
| Configure the IT Policy rule as specified in the "Checks" block. |