UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The organization must establish implementation guidance for organization-controlled portable and mobile devices.


Overview

Finding ID Version Rule ID IA Controls Severity
SRG-MPOL-047 SRG-MPOL-047 SRG-MPOL-047_rule Medium
Description
In order to effectively manage and control its portable and mobile devices, the organization must develop and publish implementation guidance for these devices. Lacking implementation guidance, the organization could be faced with a myriad of configurations tasking its ability to properly manage these devices, or, worst case, provide an opportunity for malicious software/malware to be installed on these devices, which could result in unauthorized access to, modification of, or destruction of sensitive or classified data.
STIG Date
Mobile Policy Security Requirements Guide 2012-10-10

Details

Check Text ( C-SRG-MPOL-047_chk )
Review the organization's published implementation guidance (CONOPS or NETOPS plan) and configuration settings and associated documentation for organization-controlled portable and mobile devices. Ensure the organization has developed and published implementation guidance for organization controlled portable and mobile devices.

If the organization does not have published configuration settings and implementation guidance such as a CONPOS or NETOPS plan, this is a finding.
Fix Text (F-SRG-MPOL-047_fix)
Develop and publish implementation guidance for organization-controlled portable and mobile devices.