UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The mobile operating system must permit the user to directly initiate device lock.


Overview

Finding ID Version Rule ID IA Controls Severity
V-32945 SRG-OS-000030-MOS-000010 SV-43343r1_rule Medium
Description
The device lock function prevents further access to the system by initiating a session lock after a period of inactivity or upon receiving a request from a user. The device lock is retained until the user reestablishes access using established identification and authentication procedures. A device lock is a temporary action taken when a user stops work but does not want to log out because of the temporary nature of the hiatus. During the device lock a publicly viewable pattern is visible on the associated display, hiding what was previously visible on the screen. Once invoked, the device lock shall remain in place until the user re-authenticates. No other system activity aside from re-authentication can unlock the system. The operating system must lock the device when the user determines it necessary (e.g., the device will temporarily be outside of the user's possession). This prevents others from gaining access to the device when not in the user's possession and accessing sensitive DoD information.
STIG Date
Mobile Operating System Security Requirements Guide 2013-07-03

Details

Check Text ( C-41247r1_chk )
Examine the mobile operating system for the user feature to directly initiate device lock. If the mobile operating system cannot be configured for a user to directly initiate device lock, this is a finding.
Fix Text (F-36860r1_fix)
Configure the mobile operating system to permit the user feature to directly initiate device lock.