BlackBerry PlayBook OS must not permit a user to disable the password-protected lock feature on the work space.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-38758 | PB21-00-000410 | SV-50563r1_rule | Medium |
| Description |
|---|
| If the user is able to disable the password-protected lock feature, the user can change the configuration of the device to allow access without a password. The modified configuration would enable an adversary with access to the device to obtain DoD information and possibly other information resources on other systems. An operating system that does not allow a user to disable this feature mitigates the risk of this attack. In cases in which the mobile operating system relies on another application for protected data storage (e.g., if FIPS 140-2 validated encryption for unclassified use is not native to the device), then this requirement applies to both the device lock password and the password to the data storage application. |
| STIG | Date |
|---|---|
| BlackBerry PlayBook OS V2.1 Security Technical Implementation Guide | 2014-08-29 |
Details
| Check Text ( C-46303r1_chk ) |
|---|
| 1. Navigate to "Options -> BlackBerry Balance". 2. Select the Pencil icon. 3. Verify the "Remove Password" button is greyed out. Otherwise, this is a finding. |
| Fix Text (F-43713r1_fix) |
|---|
| On BlackBerry Device Service: Set "Password Required for Work Space" IT Policy rule to: "Yes". |