|Finding ID||Version||Rule ID||IA Controls||Severity|
|Memory card used to transfer files between PCs and PDAs is a migration path for the spread of malware on DoD computers and handheld devices. These risks are mitigated by the requirements listed in this check.|
|PDA Security Technical Implementation Guide (STIG)||2014-03-18|
|Check Text ( C-22664r1_chk )|
| Note: Removable flash media is defined as media that is readily accessible by the user and does not require additional tools to disassemble the device or remove screws to gain access. |
Note: This check applies to any handheld mobile device (PDA, non-email Windows Mobile or Palm OS PDA, bar code scanner, RFID scanner, cell phone, etc.) that is connected to a DoD Windows PC for the purpose of provisioning or transferring data between the PC and mobile device. This check does not apply to BlackBerrys, Windows Mobile smartphones used for email, and SME PEDs. Requirements for these devices are found in the appropriate Checklist for the device.
Interview the IAO to determine if the site uses removable memory cards in site managed handheld PDAs.
-Determine if FIPS 140-2 data encryption has been implemented on the memory cards. Ask the IAO for FIPS certificate or search for it on the NIST web site.
-Determine if the removable data storage media card is bound to the PED such that it may not be read by any other PED or computer. Procedures will vary, depending on system vendor. Ask the IAO for system technical documentation showing this capability and how to configure.
-Determine if the security policy on the PDA is configured to deny the use of removable data storage media on site managed PEDs (if this capability is available). Procedures will vary, depending on system vendor. Ask the IAO for system technical documentation showing this capability and how to configure it.
-Determine if the site uses a removable data storage memory card to load files on site PDAs for the purpose of provisioning the PDA. If yes, verify the memory card used for provisioning has either been provided by the PDA vendor or loaded with provisioning files from a non-NIPRNet computer.
Mark as a finding if the requirements for compliance are not met.
|Fix Text (F-19400r1_fix)|
|Comply with requirement|