BlackBerry Bluetooth SCR use with site PCs must be compliant with requirements.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-11866	WIR1040-02	SV-12366r2_rule	ECWN-1	Low

Description
Insecure Bluetooth configuration on the PC could make it vulnerable to compromise via a Bluetooth attack.

STIG	Date
BlackBerry OS (version 5-7) Security Technical Implementation Guide	2014-06-11

Details

Check Text ( C-14985r2_chk )
Detailed Policy Requirements: When the BlackBerry Bluetooth Smart Card Reader (SCR) is used as a PC SCR, the following requirements must be followed: - The DAA must approve the use of a Bluetooth smart card reader with command/site PCs. Check Procedures: Interview the IAO and wireless email system administrator. Determine if use of the BlackBerry SCR with site PCs has been approved. If Yes, verify the following requirements are met: - The DAA has approved the use of the RIM BlackBerry SCR with site PCs. Have the IAO provide documentation showing DAA approval (letter, memo, SSP, etc.).

Check Text ( C-14985r2_chk )

Detailed Policy Requirements:

When the BlackBerry Bluetooth Smart Card Reader (SCR) is used as a PC SCR, the following requirements must be
followed:
- The DAA must approve the use of a Bluetooth smart card reader with command/site PCs.

Check Procedures:

Interview the IAO and wireless email system administrator.

Determine if use of the BlackBerry SCR with site PCs has been approved. If Yes, verify the
following requirements are met:
- The DAA has approved the use of the RIM BlackBerry SCR with site PCs. Have
the IAO provide documentation showing DAA approval (letter, memo, SSP, etc.).