The IDPS must enforce requirements for the connection of mobile devices to organizational information systems.


Overview

Finding ID: V-34538
Version: SRG-NET-000072-IDPS-00058
Rule ID: SV-45380r1_rule
IA Controls:
Severity: Medium
Description
This control requires access control for portable and mobile devices. Mobile devices include portable storage media (e.g., USB memory sticks, external hard disk drives) and portable computing and communications devices with information storage capability (e.g., notebook/laptop computers, personal digital assistants, cellular telephones, digital cameras, audio recording devices). Unless restrictions are put in place, a user connecting to the enclave via a mobile device can access and perform everything that users connected via Ethernet can.
STIG Date
Intrusion Detection and Prevention Systems (IDPS) Security Requirements Guide 2012-11-19

Details

Check Text (C-42729r1_chk)
Verify rules exist to detect, block, or redirect transmissions from unauthorized mobile devices. Mobile devices include: USB memory sticks, external hard disk drives, notebook/laptop computers, personal digital assistants, cellular telephones, digital cameras, and audio recording devices.

If rules do not exist that monitor for mobile devices, this is a finding.
Fix Text (F-38777r1_fix)
Create rules to monitor for mobile device IDs or other markers of mobile devices. Upon detection of unauthorized devices, an action to notify an administrator or block the traffic must be implemented.