Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-11871 | WIR1055-01 | SV-12371r2_rule | ECSC-1 | Low |
Description |
---|
S/MIME provides the capability for users to send and receive S/MIME email messages from wireless email devices. S/MIME and digital signatures provide assurance that the message is authentic and is required by DoD policy. |
STIG | Date |
---|---|
BlackBerry OS (version 5-7) Security Technical Implementation Guide | 2014-06-11 |
Check Text ( C-14987r2_chk ) |
---|
Perform the following steps on a sample of site BlackBerry devices (use 2-3 devices as a random sample), as appropriate, to verify users have the capability to sign and encrypt email. Verify S/MIME is configured such that users may sign messages. Check a sample of BlackBerry devices: - Verify S/MIME application and Smart Card Reader drivers are installed on the device: o On the BlackBerry go to Settings>Options>Advanced Options>Applications. o Look for the following applications: ---S/MIME Support Package ---PIV Drivers (optional) ---BlackBerry Smart Card Reader ---DoD Root Certificates -Verify Certificates are configured on the BlackBerry: ---Settings>Options>Security Options>Certificate Servers – GDS and OCSP servers should be listed. ---Settings>Options>Security Options>Certificate - DoD Root certificates should be listed. ---Settings>Options>Security Options>S/MIME – User’s public keys should be loaded. |
Fix Text (F-23347r2_fix) |
---|
BlackBerry devices must be provisioned so users can digitally sign and encrypt emergency and/or critical email notifications. |