UCF STIG Viewer Logo

PDA Security Technical Implementation Guide (STIG)


Overview

Date Finding Count (14)
2013-03-14 CAT I (High): 2 CAT II (Med): 11 CAT III (Low): 1
STIG Description
This STIG contains technical security controls for the operation of a PDA in the DoD environment. In this case, PDA refers to any handheld computing device with or without wireless, except for Commercial Mobile Devices (CMDs) (smartphones or tablet computers).

Available Profiles



Findings (MAC I - Mission Critial Sensitive)

Finding ID Severity Title
V-15814 High The IAO has not ensured PDAs and Smartphones are protected by authenticated login procedures to unlock the device. Either CAC or password authentication is required.
V-25007 High The PDA/smartphone must be configured to require a passcode for device unlock.
V-14202 Medium FIPS 140-2 validated encryption modules must be used to encrypt unclassified sensitive data at rest on the wireless device (e.g., laptop, PDA, smartphone).
V-18627 Medium The VPN client on wireless clients (PDAs, smartphones) used for remote access to DoD networks must be FIPS 140-2 validated.
V-25016 Medium The device minimum password/passcode length must be set as required.
V-25022 Medium PDAs/smartphones must display the required banner during device unlock/ logon.
V-25011 Medium Password/passcode maximum failed attempts must be set to the required value.
V-14275 Medium DoD-licensed anti-malware software will be installed on all wireless clients (e.g., PDAs and smartphones) and non-wireless PDAs.
V-19899 Medium Wireless PDA VPNs must operate with split tunneling disabled.
V-19898 Medium All wireless PDA clients used for remote access to a DoD network must have a VPN capability that supports CAC authentication.
V-18856 Medium Removable memory cards (e.g., MicroSD) must use a FIPS 140-2 validated encryption module to bind the card to a particular device such that the data on the card is not readable on any other device.
V-19897 Medium All wireless PDA clients used for remote access to DoD networks must have a VPN capability that supports AES encryption.
V-18625 Medium PDA and Smartphones that are connected to DoD Windows computers via a USB connection must be compliant with requirements.
V-25009 Low Maximum password/passcode age must be set as required.