Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-24965 | WIR-SPP-009 | SV-30702r3_rule | ECSC-1 | Medium |
Description |
---|
Non-DoD IM servers can be located anywhere in the world and may be under an adversary’s control. If a DoD CMD IM client connects to a non-DoD IM server, malware could be installed on the CMD from the server or sensitive DoD data on the CMD could be transferred to the server. In addition, if malware is installed on the CMD, this could lead to hacker attacks on the DoD enclave the CMD connects to. |
STIG | Date |
---|---|
Commercial Mobile Device (CMD) Policy Security Technical Implementation Guide (STIG) | 2013-01-17 |
Check Text ( C-31129r7_chk ) |
---|
Interview the IAO or CMD system administrator and determine if CMD IM is used on site-managed CMDs. If yes, determine what server the CMD IM system connects to. - The server should be managed by a DoD site. - The IM system must be compliant with the Instant Messaging STIG. Mark as a finding if the IM server, the CMD IM app connects to, is not managed by a DoD site and is not compliant with the IM STIG. |
Fix Text (F-27600r2_fix) |
---|
Ensure the IM client application connects only to a DoD controlled IM server compliant with the Instant Messaging STIG. |