UCF STIG Viewer Logo

BlackBerry Bluetooth SCR use with site PCs must be compliant with requirements.


Overview

Finding ID Version Rule ID IA Controls Severity
V-19311 WIR1040-03 SV-21228r3_rule ECSC-1 Medium
Description
Non-secure Bluetooth configuration on the PC could make it vulnerable to compromise via a Bluetooth attack.
STIG Date
BlackBerry OS 7.x.x Security Technical Implementation Guide 2015-08-12

Details

Check Text ( C-23355r3_chk )
Detailed Policy Requirements:

When the BlackBerry Bluetooth Smart Card Reader (SCR) is used as a PC SCR, the following requirements must be followed:

At the time of the publication of this document, the use of the BlackBerry SCR for authentication with PCs is only authorized with PCs that have Microsoft Windows XP. The Microsoft Vista and Windows 7 Bluetooth stack has not yet been tested with the BlackBerry SCR to determine if Bluetooth device pairing can be done in a secure manner and meets DoD security requirements.

Check Procedures:

Perform the following checks on site PCs used with the BlackBerry Bluetooth SCR:

Interview the ISSO and SA and verify the BlackBerry SCR is not used with Windows Vista and Windows 7. BlackBerry users with Vista or Windows 7 on their PCs must be put in the BlackBerry users group not authorized to use the BlackBerry SCR with their PCs.
Fix Text (F-23344r1_fix)
BlackBerry Bluetooth SCR use with site PCs must be compliant with requirements.