
The organization must follow the incident handling policy if classified information is found on mobile devices.


Overview

Finding ID: V-35970
Version: SRG-MPOL-052
Rule ID: SV-47286r1_rule
IA Controls: (none listed)
Severity: High
Description
In spite of the best security policies, restrictive controls, and random review procedures, incidents of leakage of classified data to unclassified CMDs are bound to occur. In these instances, the organization must have a set of defined procedures to be implemented when classified data is discovered on a CMD. Failure to have incident handling procedures defined could result in confusion in the proper handling of the incident by organization personnel or, in the worst case, classified data being disclosed to unauthorized sources. This requirement applies to all CMDs. This requirement also applies to sensitive DoD information stored on CMDs that are not authorized to connect to DoD networks or store/process sensitive DoD information. Sensitive DoD data or information is defined as any data/information that has not been approved for public release by the site/Command Public Affairs Officer (PAO).
STIG: Mobile Policy Security Requirements Guide
Date: 2013-07-03

Details

Check Text (C-44207r1_chk)
Review the organization's access control and security policy, incident handling procedures, and any other relevant documents. Ensure the organization has defined an incident handling policy with specific actions to be implemented when classified information has been found on mobile devices. Determine if the site has had a data spill within the previous 24 months. If yes, review written records, incident reports, and/or after action reports and determine if required procedures were followed.

If the incident handling policy is not being followed, this is a finding.
Fix Text (F-40497r1_fix)
Follow all incident handling policy actions to be taken when classified information has been identified on mobile devices.