UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The organization must have a policy forbidding the use of wireless personal area network (PAN) devices, such as near-field communications (NFC), Bluetooth, and ZigBee, to send, receive, store, or process classified information.


Overview

Finding ID Version Rule ID IA Controls Severity
V-35958 SRG-MPOL-040 SV-47274r1_rule High
Description
Classified data could be compromised since wireless PAN devices do not meet DoD encryption requirements for classified data.
STIG Date
Mobile Policy Security Requirements Guide 2013-07-03

Details

Check Text ( C-44195r1_chk )
Verify compliance by reviewing the user agreement or security briefing to ensure personnel have been properly instructed on the policy that states that wireless PAN devices cannot be used for, or around classified processing. If the user agreement or security briefing does not exist, this is a finding.

Note: The check applies to Wireless USB (WUSB) devices; however, it does not apply to wireless email devices (BlackBerry, Windows Mobile, etc.). Review the appropriate wireless email device security requirements for Bluetooth on these devices.
Fix Text (F-40485r1_fix)
Develop and publish a policy forbidding the use of wireless PAN devices for classified processing.