When connected to a non-DoD owned network, remote users are trained to either disable the wireless radio or disconnect the network cable when communication is no longer needed or the VPN is disconnected.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-19148 | SRC-EPT-100 | SV-20961r1_rule | Low |
| Description |
|---|
| Endpoints that are directly connected to public networks are vulnerable to various forms of attack the longer they remain connected. A properly configured VPN adds defense in depth protection. NOTE: Users who are trained and provide documentation (screen-prints) showing compliance with the telework isolation policy are compliant with the requirement. |
| STIG | Date |
|---|---|
| Remote Access Policy STIG | 2016-03-28 |
Details
| Check Text ( C-22782r1_chk ) |
|---|
| Verify by inspecting the training material or security checklist. An automated method where the NIC is disabled may be implemented. |
| Fix Text (F-19699r1_fix) |
|---|
| Implement automated controls or train users to physically disconnect or disable NICs when no longer connected to the secure VPN. |