UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

BlackBerrys that are connected to DoD Windows computers via a USB connection must be compliant with requirements. (This is a Flash Media check.)


Overview

Finding ID Version Rule ID IA Controls Severity
V-19196 WIR1090-01 SV-21035r4_rule ECSC-1 Medium
Description
Malware can be downloaded onto DoD PCs if required procedures are not followed.
STIG Date
BlackBerry Handheld Device Security Technical Implementation Guide 2011-04-11

Details

Check Text ( C-23126r3_chk )
Detailed Policy Requirements:

BlackBerrys will not be connected to DoD Windows computers via a USB connection unless the following conditions are met:

- The DoD Windows computer utilizes the DoD Host Based Security System (HBSS) with the Device Control Module (DCM). Configuration requirements are found in CTO 10-004A.

-Autorun is disabled on the Windows PC.

Check Procedures:

Check Procedures:
Interview the IAO and smartphone administrator. Check the following on sample (use 3-4 devices as a random sample) PCs:

- Verify the site has implemented HBSS with DCM on computers used to connect BlackBerrys. Have the Windows reviewer assist in determining that HBSS with DCM is installed (usually verified during a Windows Workstation review).

- Verify Autorun is disabled (usually verified during a Windows Workstation review).
Fix Text (F-23354r1_fix)
BlackBerrys that are connected to DoD Windows computers via a USB connection must be compliant with requirements.