UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

BlackBerry Handheld Device Security Technical Implementation Guide



Findings (MAC I - Mission Critical Sensitive)

Finding ID Severity Title
V-11870 High Onset Technologies METAmessage software must not be installed on DoD BlackBerry devices or on the BES.
V-19196 Medium BlackBerrys that are connected to DoD Windows computers via a USB connection must be compliant with requirements. (This is a Flash Media check.)
V-19197 Medium BlackBerrys with removable memory cards (e.g., MicroSD) must be compliant with requirements.
V-19311 Medium BlackBerry Bluetooth SCR use with site PCs must be compliant with requirements.
V-19312 Medium Blackberry Bluetooth SCR use with site PCs must be compliant with requirements.
V-16340 Medium BlackBerry devices managed by the site must be scanned with the DoD Autoberry tool or the commercially available Fixmo Sentinel tool as required.
V-19216 Medium Mitigation actions identified by Autoberry or Fixmo Sentinel scans on site managed BlackBerrys are being implemented. (The results and mitigation actions reported by the tool should be available from the site IAO or BlackBerry administrator.)
V-26508 Medium Only approved Bluetooth headset and handsfree devices must be used with site managed Blackberry devices.
V-19213 Medium BlackBerry devices have required operating system software version installed.
V-11871 Low BlackBerry devices must be provisioned so that users can digitally sign and encrypt e-mail notifications or any other email required by DoD policy.
V-11872 Low If BlackBerry email auto signatures are used, the signature message does not disclose that the email originated from a BlackBerry or mobile device (e.g., “Sent From My Wireless Handheld”).
V-11875 Low All Internet browser icons must be disabled from the BlackBerry device except for the BlackBerry Internet Browser icon.
V-11866 Low BlackBerry Bluetooth SCR use with site PCs must be compliant with requirements.
V-11865 Low When the Password Keeper is enabled on the BlackBerry device, the DAA has reviewed and approved its use, and the application is configured as required.
V-19281 Low BlackBerry devices must be provisioned so that users can digitally sign and encrypt e-mail notifications.
V-19313 Low BlackBerry Bluetooth SCR use with site PCs must be compliant with requirements.
V-19227 Low Security configuration settings on the BlackBerry devices managed by the site are compliant with requirements listed in Table 5, BlackBerry STIG Configuration Tables.
V-19228 Low The setup of group BlackBerrys must be compliant with requirements listed in Appendix E of the BlackBerry STIG Overview.
V-22058 Low BlackBerry Web Desktop Manager (BWDM) must be configured for CAC authentication.
V-19217 Low The results and mitigation actions from Autoberry and Fixmo Sentinel tool scans must be maintained by the site for at least 6 months (1 year recommended).
V-21949 Low Required version of the Blackberry Smart Card Reader (SCR) hardware must be used and required versions of the drivers must be installed both on the BlackBerry and the SCR.