The network element must monitor for unauthorized connections of mobile devices to information systems.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-26993	SRG-NET-000071	SV-34287r1_rule		Medium

Description
Wireless services enable users within close proximity of access points to have access to data and services within the private network. The security boundary of a Wireless LAN extends from the client device to the network boundary where network access is controlled. This boundary represents the portion of the network most vulnerable to attack and thereby must be protected. Unless restrictions are put in place, a user connecting to the enclave via wireless access can access/perform everything he/she could access/perform as those connected via Ethernet. Monitoring will ensure unauthorized access to the enclave’s resources and data will not go undetected. Use of unapproved devices to process non-publicly releasable data increases the risk to the network. Devices attached to or inserted into the end point's plug-and-play ports and slots can be a vector for the insertion of malware when used to access the network. Storage devices are portable and can be easily concealed. Requiring approval prior to use these devices heightens awareness of the threat, limits the potential use of contaminated devices, and allows for proper tracking and control. Designated Approval Authority (DAA) approval of flash memory devices is required by the United States Cyber Command (USCYBERCOM) Communications Task Order (CTO) 10-004A Removable Flash Media Device Implementation within and between Department of Defense (DoD) Networks (U/FOUO) (or latest version of this CTO).

Description

Wireless services enable users within close proximity of access points to have access to data and services within the private network. The security boundary of a Wireless LAN extends from the client device to the network boundary where network access is controlled. This boundary represents the portion of the network most vulnerable to attack and thereby must be protected. Unless restrictions are put in place, a user connecting to the enclave via wireless access can access/perform everything he/she could access/perform as those connected via Ethernet. Monitoring will ensure unauthorized access to the enclave’s resources and data will not go undetected. Use of unapproved devices to process non-publicly releasable data increases the risk to the network. Devices attached to or inserted into the end point's plug-and-play ports and slots can be a vector for the insertion of malware when used to access the network. Storage devices are portable and can be easily concealed. Requiring approval prior to use these devices heightens awareness of the threat, limits the potential use of contaminated devices, and allows for proper tracking and control. Designated Approval Authority (DAA) approval of flash memory devices is required by the United States Cyber Command (USCYBERCOM) Communications Task Order (CTO) 10-004A Removable Flash Media Device Implementation within and between Department of Defense (DoD) Networks (U/FOUO) (or latest version of this CTO).

STIG	Date
Network Security Requirements Guide	2011-12-28

Details

Check Text ( None )
None

Fix Text (None)
None