Sites allowing contractors, non-DoD entities, or other DoD organization to remotely connect to the enclave will establish written Memorandum of Agreements (MOAs) with the contractor or other orgranization.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-14751 | SRC-EPT-015 | SV-15507r1_rule | Low |
| Description |
|---|
| To provide the maximum level of security for both the DoD network and the remote corporate enterprise, an MOA is needed that allows administrative oversight and confiscation of compromised equipment. |
| STIG | Date |
|---|---|
| Remote Access Policy STIG | 2016-03-28 |
Details
| Check Text ( C-12973r1_chk ) |
|---|
| Ensure the site maintains administrative oversight and control privileges of the computers. NOTE: The MOA will contain an agreement that allows the site to maintain administrative oversight and control privileges of the remote end point. |
| Fix Text (F-14217r1_fix) |
|---|
| Define written agreements for contractors, partners, and other remote users to begin maintaining administrative oversight and control privileges. |