UCF STIG Viewer Logo

BlackBerry PlayBook OS V2.1 STIG


Overview

Date Finding Count (30)
2013-05-03 CAT I (High): 3 CAT II (Med): 23 CAT III (Low): 4
STIG Description
Developed by Research In Motion Ltd. in coordination with DISA for use in the DoD.

Available Profiles



Findings (MAC III - Administrative Sensitive)

Finding ID Severity Title
PB21-00-000220 High BlackBerry PlayBook OS must prevent a user from installing applications from an untrusted source (other than BlackBerry World) in the personal space.
PB21-00-000210 High BlackBerry PlayBook OS must not permit mobile service carriers to have privileged access to the operating system or perform any function not directed by the user.
PB21-00-000310 High Only DoD PKI issued or DoD approved software authentication certificates may be installed on BlackBerry PlayBook OS.
PB21-00-000260 Medium BlackBerry PlayBook OS VPN client must employ DoD PKI approved mechanisms for authentication when connecting to DoD networks.
PB21-00-000120 Medium BlackBerry PlayBook OS must lock the device after no more than 15 minutes of inactivity.
PB21-00-000140 Medium BlackBerry PlayBook OS must disallow the device unlock password from containing fewer than a specified minimum number of upper case alphabetic characters, lower case alphabetic characters, and numeric characters.
PB21-00-000160 Medium BlackBerry PlayBook OS must disallow the device unlock password from containing fewer than a specified minimum number of numeric characters.
PB21-00-000150 Medium BlackBerry PlayBook OS must disallow the device unlock password from containing fewer than a specified minimum number of lower case alphabetic characters.
PB21-00-000350 Medium BlackBerry PlayBook OS must employ mobile device management services to centrally manage IT Policies
PB21-00-000190 Medium BlackBerry PlayBook OS must enforce a minimum length for the work area password.
PB21-00-000400 Medium BlackBerry PlayBook OS must prohibit wireless remote access connections except for personal hotspot service.
PB21-00-000420 Medium BlackBerry PlayBook OS must allow user to configure a non-complex 4 digit password for the personal space.
PB21-00-000290 Medium BlackBerry PlayBook OS must prohibit the use of non-DoD authorized instant messaging (IM) systems.
PB21-00-000320 Medium Only DoD PKI issued or DoD approved server authentication certificates may be installed on BlackBerry PlayBook OS.
PB21-00-000390 Medium BlackBerry PlayBook OS must encrypt all data on the mobile device using AES encryption (AES 128 bit encryption key length is the minimum requirement; AES 256 desired).
PB21-00-000110 Medium BlackBerry PlayBook OS must retain the device lock until the user reestablishes access using established identification and authentication procedures.
PB21-00-000250 Medium BlackBerry PlayBook OS must authenticate devices before establishing remote network (e.g., VPN) connections using bidirectional cryptographically based authentication between devices.
PB21-00-000270 Medium BlackBerry PlayBook OS's VPN client must use either IPSec or SSL/TLS when connecting to DoD networks.
PB21-00-000330 Medium BlackBerry PlayBook OS must prevent a user from using a browser that does not direct its traffic to a DoD proxy server.
PB21-00-000230 Medium BlackBerry PlayBook OS must only permit download of software from a DoD approved source (e.g., DoD operated mobile device application store or MDM server).
PB21-00-000370 Medium BlackBerry PlayBook OS must employ mobile device management services to centrally manage Wi-Fi profiles
PB21-00-000100 Medium BlackBerry PlayBook OS must retain the lock work space until the user reestablishes access using established identification and authentication procedures.
PB21-00-000410 Medium BlackBerry PlayBook OS must not permit a user to disable the password-protected lock feature on the work space.
PB21-00-000380 Medium BlackBerry PlayBook OS must employ mobile device management services to centrally manage VPN profiles
PB21-00-000240 Medium BlackBerry PlayBook OS's Wi-Fi module must use EAP-TLS authentication when authenticating to DoD WLAN authentication servers.
PB21-00-000360 Medium BlackBerry PlayBook OS must employ mobile device management services to centrally manage email settings
PB21-00-000200 Low BlackBerry PlayBook OS must enforce a minimum length for the device unlock password.
PB21-00-000130 Low BlackBerry PlayBook OS must synchronize the internal clock at least once every 24 hours with an authoritative time server or the Global Positioning System.
PB21-00-000170 Low BlackBerry PlayBook OS must enforce a maximum lifetime of 120 days for the device unlock password (password age).
PB21-00-000180 Low BlackBerry PlayBook OS must prohibit a user from reusing any of the last five previously used device unlock passwords.