UCF STIG Viewer Logo

Train users not to connect remote clients which process sensitive information directly into the broadband modem.


Overview

Finding ID Version Rule ID IA Controls Severity
V-19144 SRC-EPT-110 SV-20957r1_rule Low
Description
If a telework devices connect directly to the teleworker’s ISP, such as plugging the device directly into a cable modem, then the device is directly accessible from the Internet and at high risk of being attacked. To prevent this from occurring, the home network should have a security device between the ISP and the telework device. This is most commonly accomplished by using a broadband router (e.g., cable modem router, DSL router) or a firewall appliance.
STIG Date
Remote Access Policy STIG 2016-03-28

Details

Check Text ( C-22764r1_chk )
Inspect the user training material or the remote user checklist.

Verify that the users are trained not to plug the DoD endpoint directly into the broadband modem.

Users must be given assistace (e.g., checklist) on how to configure and and properly connect GFE into a properly configured broadband router or firewall appliance.
Fix Text (F-19695r1_fix)
Ensure the user is trained not to plug the connect directly to the broadband modem but rather to use a correctly configured security gateway.