Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-58961 | MSWP-81-500906 | SV-73391r1_rule | Medium |
Description |
---|
Generally, when doing document collaboration, it is useful, from a productivity perspective, to be able to share those documents with peers who can review and edit those documents. But, if those same documents can be shared to public locations through email and cloud storage services, data leakage scenarios are possible, enabling sensitive data to be shared outside of secure DoD locations. To mitigate these threats, the sharing capability of documents should be disabled to prevent this possibility. SFR ID: FMT_SMF.1.1 #42 |
STIG | Date |
---|---|
Microsoft Windows Phone 8.1 Security Technical Implementation Guide | 2015-03-26 |
Check Text ( C-59791r1_chk ) |
---|
This validation procedure is performed on both the MDM administration console and the Windows Phone mobile device. On the MDM administration console: 1. Ask the MDM administrator to verify the phone compliance policy. 2. Find the setting for "allow sharing of documents (Office)". 3. Verify that setting restriction is turned off/disallowed. On the Windows Phone mobile device: 1. From the Start page, swipe to the left to show the all apps list, find "Office", and tap on it. 2. Swipe to the left until you see the page called "places". 3. Tap on the "phone" location. 4. Tap on the file called "sample spreadsheet". 5. Tap on the menu (look for 3 dots) at the lower right of the screen, and then scroll through that menu and look for "share". 6. Verify that in that menu the menu item called "share" is grayed out/disabled. If the MDM console does not have the Office Sharing policy disabled, or if the sharing menu item for an Office document is not disabled and can be tapped on and a share action started, this is a finding. |
Fix Text (F-64355r1_fix) |
---|
Configure the MDM system to require the "allow sharing of documents (Office)" policy to be disabled for Windows Phone devices. Deploy the MDM policy on managed devices. |