Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-48575 | BBDS-00-000275 | SV-61451r1_rule | Medium |
Description |
---|
DoD can perform due diligence on sources of software to mitigate the risk that malicious software is introduced to those sources. Therefore, if software is downloaded from a DoD-approved source, then it is less likely to be malicious than if it is downloaded from an unapproved source. To prevent access to unapproved sources, the operating system in most cases can be configured to disable user access to public application stores. |
STIG | Date |
---|---|
BlackBerry Enterprise Service v10.2.x BlackBerry Device Service STIG | 2014-07-02 |
Check Text ( C-50901r1_chk ) |
---|
Review the BlackBerry Device Service server configuration to ensure the BlackBerry Device Service server can configure the mobile device Work Space to prohibit the download of software from a DoD non-approved source (e.g., a non-DoD operated mobile device application store or BlackBerry Device Service server). Otherwise, this is a finding. |
Fix Text (F-52183r1_fix) |
---|
Configure the BlackBerry Device Service server so the Work Space is configured to prohibit the download of software from a DoD non-approved source. Log into BlackBerry Administration Service, and under "BlackBerry solution management" on the left side of the screen, navigate to "Policy > Manage IT policies > |