Written user agreements for all users authorized to use the KVM or A/B switch are not being maintained..

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-6675	KVM01.001.00	SV-6823r1_rule	PRRB-1	Low

Description
A written users agreement allows the IAO to be certain the end user that will be using the equipment has been presented with the documentation that explains their duties and responsibilities in relation to the equipment and that they have acknowledged that they have read the documentation and understand it. Though there is no guarantee that user will perform as required, it will lessen the problems caused by uninformed users. The IAO will maintain written user agreements for all users authorized to use the KVM or A/B switch.

Description

A written users agreement allows the IAO to be certain the end user that will be using the equipment has been presented with the documentation that explains their duties and responsibilities in relation to the equipment and that they have acknowledged that they have read the documentation and understand it. Though there is no guarantee that user will perform as required, it will lessen the problems caused by uninformed users. The IAO will maintain written user agreements for all users authorized to use the KVM or A/B switch.

STIG	Date
Keyboard Video and Mouse Switch STIG	2014-08-04

Details

Check Text ( C-2603r1_chk )
The reviewer will interview the IAO and view the written agreements. The agreement will require the user to perform the following. 1. Logging onto an IS. a. Identify the classification of the IS currently selected. b. Use the login and passwords appropriate for that IS. c. Verify the classification of the present IS by checking the classification label/banner. d. Begin processing. 2. Switching between ISs. a. Screen lock the IS you are currently working on if the IS supports this capability. b. Select the desired IS with the switch. c. Enter your user identifier and password to deactivate the screen lock on the newly selected IS. d. Verify the classification of the present IS by checking the classification label/banner. e. Begin processing. The agreement may state that the user has read and understands the SFUG sections dealing with the KVM switch usage if the SFUG or similar documentation exists.

Check Text ( C-2603r1_chk )

The reviewer will interview the IAO and view the written agreements.
The agreement will require the user to perform the following.
1. Logging onto an IS.
a. Identify the classification of the IS currently selected.
b. Use the login and passwords appropriate for that IS.
c. Verify the classification of the present IS by
checking the classification label/banner.
d. Begin processing.
2. Switching between ISs.
a. Screen lock the IS you are currently working on if the
IS supports this capability.
b. Select the desired IS with the switch.
c. Enter your user identifier and password to deactivate
the screen lock on the newly selected IS.
d. Verify the classification of the present IS by checking
the classification label/banner.
e. Begin processing.

The agreement may state that the user has read and understands the SFUG sections dealing with the KVM switch usage if the SFUG or similar documentation exists.

Fix Text (F-6257r1_fix)
Develop a user agreement, have each user of KVM or A/B switches sign a the user agreement, and keep the signed agreement on file.