UCF STIG Viewer Logo

BlackBerry PlayBook OS must only permit download of software from a DoD approved source (e.g., DoD operated mobile device application store or MDM server).


Overview

Finding ID Version Rule ID IA Controls Severity
V-38740 PB21-00-000230 SV-50545r1_rule Medium
Description
DoD can perform due diligence on sources of software to mitigate the risk that malicious software is introduced to those sources. Therefore, if software is downloaded from a DoD approved source, then it is less likely to be malicious than if it is downloaded from an unapproved source. To prevent access to unapproved sources, the operating system in most cases can be configured to disable user access to public application stores. However, in some cases, DoD may approve downloads directly from the OS vendor.
STIG Date
BlackBerry PlayBook OS V2.1 Security Technical Implementation Guide 2014-08-29

Details

Check Text ( C-46285r1_chk )
On BlackBerry Device Service:
1. In the BlackBerry Administration Service, on the BlackBerry solution management menu, expand "Software -> Applications".
2. Click "Manage applications".
3. Review the applications listed under "BlackBerry World Applications". If any applications are listed, this is a finding.
Fix Text (F-43695r1_fix)
On BlackBerry Device Service:
1. In the BlackBerry Administration Service, on the BlackBerry solution management menu, expand "Software -> Applications".
2. Click "Manage applications".
3. Delete all applications under "BlackBerry World Applications".