Where non-DoD information systems are used for processing unclassified emails for the teleworker whose normal duty location in the mobile or telework location (s), the user will have the ability to send and receive digitally encrypted and signed email.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-21800 | SRC-EPT-056 | SV-24381r1_rule | Low |
| Description |
|---|
| DoD Instruction 8510.01, “DoD Information Assurance Certification and Accreditation Process (DIACAP). Users need this capability to read and send digitally signed email and to ensure non-repudiation. |
| STIG | Date |
|---|---|
| Remote Access Policy STIG | 2016-03-28 |
Details
| Check Text ( C-26069r1_chk ) |
|---|
| interview the SA and ask if PKI is implemented on the endpoint's computer and configured for use by the email program.. |
| Fix Text (F-22584r1_fix) |
|---|
| Ensure the email solution on the remote access device has the ability to digitally sign messages. |