Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-11871 | WIR1055-01 | SV-12371r10_rule | ECSC-1 | Low |
Description |
---|
S/MIME provides the capability for users to send and receive S/MIME email messages from wireless email devices. S/MIME and digital signatures provide assurance that the message is authentic and is required by DoD policy. |
STIG | Date |
---|---|
BlackBerry Handheld Device Security Technical Implementation Guide | 2011-04-11 |
Check Text ( C-14987r4_chk ) |
---|
Perform the following steps on a sample of site blackberry devices (use 3-4 devices as a random sample) as appropriate, to verify users have the capability to sign and encrypt email. Verify that S/MIME is configured such that users may sign messages. Check a sample of BlackBerry devices: - Verify S/MIME application and Smart Card Reader drivers are installed on the device: o On the BlackBerry go to Settings>Options>Advanced Options>Applications. o Look for the following applications: ---S/MIME Support Package ---PIV Drivers (optional) ---BlackBerry Smart Card Reader ---DoD Root Certificates -Verify Certificates are configured on the BlackBerry: ---Settings>Options>Security Options>Certificate Servers – GDS and OCSP servers should be listed. ---Settings>Options>Security Options>Certificate - DoD Root certificates should be listed. ---Settings>Options>Security Options>S/MIME – User’s public keys should be loaded. |
Fix Text (F-23347r1_fix) |
---|
BlackBerry devices must be provisioned so that users can digitally sign and encrypt emergency and/or critical e-mail notifications. |