UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

BlackBerry PlayBook OS V2.1 Security Technical Implementation Guide


Overview

Date Finding Count (31)
2014-08-29 CAT I (High): 4 CAT II (Med): 23 CAT III (Low): 4
STIG Description
Developed by BlackBerry Ltd. in coordination with DISA for use in the DoD. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.letterkenny.FSO.mbx.stig-customer-support-mailbox@mail.mil.

Available Profiles



Findings (MAC III - Administrative Sensitive)

Finding ID Severity Title
V-38748 High Only DoD PKI issued or DoD approved software authentication certificates may be installed on BlackBerry PlayBook OS.
V-38739 High BlackBerry PlayBook OS must prevent a user from installing applications from an untrusted source (other than BlackBerry World) in the personal space.
V-38738 High BlackBerry PlayBook OS must not permit mobile service carriers to have privileged access to the operating system or perform any function not directed by the user.
V-53891 High BlackBerry PlayBook OS versions no longer supported by the manufacturer or vendor must not be installed on a device.
V-38742 Medium BlackBerry PlayBook OS must authenticate devices before establishing remote network (e.g., VPN) connections using bidirectional cryptographically based authentication between devices.
V-38743 Medium BlackBerry PlayBook OS VPN client must employ DoD PKI approved mechanisms for authentication when connecting to DoD networks.
V-38740 Medium BlackBerry PlayBook OS must only permit download of software from a DoD approved source (e.g., DoD operated mobile device application store or MDM server).
V-38741 Medium BlackBerry PlayBook OSs Wi-Fi module must use EAP-TLS authentication when authenticating to DoD WLAN authentication servers.
V-38746 Medium BlackBerry PlayBook OS must prohibit the use of non-DoD authorized instant messaging (IM) systems.
V-38744 Medium BlackBerry PlayBook OSs VPN client must use either IPSec or SSL/TLS when connecting to DoD networks.
V-38749 Medium Only DoD PKI issued or DoD approved server authentication certificates may be installed on BlackBerry PlayBook OS.
V-38708 Medium BlackBerry PlayBook OS must disallow the device unlock password from containing fewer than a specified minimum number of lower case alphabetic characters.
V-38709 Medium BlackBerry PlayBook OS must disallow the device unlock password from containing fewer than a specified minimum number of numeric characters.
V-38707 Medium BlackBerry PlayBook OS must disallow the device unlock password from containing fewer than a specified minimum number of upper case alphabetic characters, lower case alphabetic characters, and numeric characters.
V-38704 Medium BlackBerry PlayBook OS must retain the device lock until the user reestablishes access using established identification and authentication procedures.
V-38705 Medium BlackBerry PlayBook OS must lock the device after no more than 15 minutes of inactivity.
V-38703 Medium BlackBerry PlayBook OS must retain the lock work space until the user reestablishes access using established identification and authentication procedures.
V-38755 Medium BlackBerry PlayBook OS must employ mobile device management services to centrally manage VPN profiles
V-38754 Medium BlackBerry PlayBook OS must employ mobile device management services to centrally manage Wi-Fi profiles
V-38757 Medium BlackBerry PlayBook OS must prohibit wireless remote access connections except for personal hotspot service.
V-38756 Medium BlackBerry PlayBook OS must encrypt all data on the mobile device using AES encryption (AES 128 bit encryption key length is the minimum requirement; AES 256 desired).
V-38750 Medium BlackBerry PlayBook OS must prevent a user from using a browser that does not direct its traffic to a DoD proxy server.
V-38753 Medium BlackBerry PlayBook OS must employ mobile device management services to centrally manage email settings
V-38752 Medium BlackBerry PlayBook OS must employ mobile device management services to centrally manage IT Policies
V-38759 Medium BlackBerry PlayBook OS must allow user to configure a non-complex 4 digit password for the personal space.
V-38758 Medium BlackBerry PlayBook OS must not permit a user to disable the password-protected lock feature on the work space.
V-38712 Medium BlackBerry PlayBook OS must enforce a minimum length for the work area password.
V-38706 Low BlackBerry PlayBook OS must synchronize the internal clock at least once every 24 hours with an authoritative time server or the Global Positioning System.
V-38737 Low BlackBerry PlayBook OS must enforce a minimum length for the device unlock password.
V-38710 Low BlackBerry PlayBook OS must enforce a maximum lifetime of 120 days for the device unlock password (password age).
V-38711 Low BlackBerry PlayBook OS must prohibit a user from reusing any of the last five previously used device unlock passwords.