BlackBerry PlayBook OS must prohibit the use of non-DoD authorized instant messaging (IM) systems.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-38746 | PB21-00-000290 | SV-50551r1_rule | Medium |
| Description |
|---|
| Many instant messaging systems have known vulnerabilities, some of which allow an adversary to install malware on the device. This malware can then be used to obtain sensitive information or further compromise DoD information systems. Restricting IM traffic to DoD authorized IM systems mitigates the risk of using IM technology. |
| STIG | Date |
|---|---|
| BlackBerry PlayBook OS V2.1 Security Technical Implementation Guide | 2014-08-29 |
Details
| Check Text ( C-46291r1_chk ) |
|---|
| On BlackBerry Device Service: 1. In the BlackBerry Administration Service, on the BlackBerry solution management menu, expand "Software -> Applications". 2. Click "Manage applications". 3. Review the listed IM systems. If any unauthorized IM systems are listed, this is a finding. |
| Fix Text (F-43701r1_fix) |
|---|
| On BlackBerry Device Service: 1. In the BlackBerry Administration Service, on the BlackBerry solution management menu, expand "Software -> Applications". 2. Click "Manage applications". 3. Delete the unauthorized IM system application. |