Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-30412 | WIR-MOS-NS-050-01 | SV-40117r2_rule | ECWN-1 | Low |
Description |
---|
The risk of installing personally owned or freeware apps on a DoD mobile device should be evaluated by the DAA against mission need and how the device is intended to be used. There is a risk that personally owned or freeware apps could introduce malware on the device, which could impact the performance of the device and corrupt non-sensitive data stored on the device. |
STIG | Date |
---|---|
BlackBerry Playbook OS (NEA mode) Security Technical Implementation Guide (STIG) | 2012-09-21 |
Check Text ( C-39064r1_chk ) |
---|
Check a sample (2-3) of mobile devices managed at the site authorized to connect to a DoD network or store or process sensitive or classified DoD information. Review the Command’s Mobile Device Personal Use policy. Determine if any personally owned apps are installed on the mobile device, including the SD media card. The exact procedure will vary, depending on the OS. If personally owned apps are found, determine if these apps are authorized by the Command’s Mobile Device Personal Use Policy. Mark as a finding if unauthorized personal apps are found on site managed devices. This check is not applicable if the Command’s Mobile Device Personal Use Policy allows the installation of user owned applications. |
Fix Text (F-34175r1_fix) |
---|
Remove unauthorized applications. |