UCF STIG Viewer Logo

General Mobile Device (Technical) (Non-Enterprise Activated) Security Technical Implementation Guide


Overview

Date Finding Count (8)
2013-03-19 CAT I (High): 0 CAT II (Med): 0 CAT III (Low): 8
STIG Description
This STIG provides technical security controls for the use of mobile devices (smartphone and tablets) that are not authorized to be connected to a DoD network or store or process sensitive or classified DoD data/information. Non-enterprise activated refers to any device that is operated under the use conditions found in Section 2.1 of the STIG overview document. See section 1.1 of the STIG overview document for additional information.

Available Profiles



Findings (MAC I - Mission Critial Public)

Finding ID Severity Title
V-25007 Low Smartphones must be configured to require a password/passcode for device unlock.
V-25016 Low The device minimum password/passcode length must be set.
V-24986 Low All non-core applications on mobile devices must be approved by the DAA or Command IT Configuration Control Board.
V-25010 Low The smartphone inactivity timeout must be set.
V-30418 Low Download of user owned data (music files, picture files, etc.) on mobile devices must be based on the Command’s Mobile Device Personal Use Policy.
V-30419 Low Connecting mobile devices to user social media web accounts (Facebook, Twitter, etc.) must be based on the Command’s Mobile Device Personal Use Policy.
V-30412 Low The installation of user owned applications on the mobile device must be based on the Command’s Mobile Device Personal Use Policy.
V-30417 Low The use of the mobile device to view and/or download personal email must be based on the Command’s Mobile Device Personal Use Policy.